Windows下部署Nginx-simple self,simple life

Windows下部署Nginx，并转发到教评

下载Windows版本Nginx包
- 参考地址：http://nginx.org/en/download.html
- 1.20.2下载地址：http://nginx.org/download/nginx-1.20.2.zip
- 程序存放路径：C:\nginx\nginx-1.20.2\ ，注意此文件下为直接解压后的文件，注意目录
转换证书（可选，证书在部署在服务器上适用，学校直接转发或http忽略）
- 导出IIS的pfx证书，命名为 ssl.pfx ，密码为123456
- pfx证书转换为nginx适用的证书（需在Linux环境下执行）
  
  – 转换证书
  
  openssl pkcs12 -in /xxx/ssl/ssl.pfx -clcerts -nokeys -out /xxx/ssl/ssl.crt
  openssl pkcs12 -in /xxx/ssl/ssl.pfx -nocerts -nodes -out /xxx/ssl/ssl.rsa
  
  – 验证证书
  
  openssl s_server -www -accept 443 -cert /xxx/ssl/ssl.crt -key /xxx/ssl/ssl.rsa
- 得到nginx证书文件ssl.crt、ssl.rsa，放到 C:\nginx\ssl\ 文件夹下
配置Nginx和IIS
- 修改conf文件夹下的nginx.conf文件
  
  参考配置如下见文章结尾
- 修改IIS下jp网站端口，取消域名绑定、删除443端口绑定，修改端口为81
- 启动nginx目录下的 nginx.exe文件


#user  nobody;
worker_processes  4;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    upstream jp {
        server 127.0.0.1:81; 
        keepalive 64;
    }

    upstream jp_stat {
        server xxx.xx.xxx.xxx:5026; #此处为stat服务
        keepalive 64;
    }

    server {
        listen 443 ssl;
        server_name xxx.xxxx.edu.cn; #此处为域名

        ssl_certificate      C://nginx//ssl//ssl.crt;  
        ssl_certificate_key  C://nginx//ssl//ssl.rsa;  
        
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        
     location ^~/stat/ {
        proxy_set_header   X-Real-IP            $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header   Host                   $http_host;
        proxy_set_header   X-NginX-Proxy    true;
        proxy_set_header   Connection "";
        proxy_http_version 1.1;
        rewrite ^/stat/(.*)$ /$1 break;
        proxy_pass         http://jp_stat;
     }

     location / {
        proxy_set_header   X-Real-IP            $remote_addr;
        proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
        proxy_set_header   Host                   $http_host;
        proxy_set_header   X-NginX-Proxy    true;
        proxy_set_header   Connection "";
        proxy_http_version 1.1;
        proxy_pass         http://jp;
     }
     
    }

    server {
            listen 80;
            server_name xxx.xxxx.edu.cn; #此处为域名
            rewrite ^/(.*)$ https://xxx.xxxx.edu.cn:443/$1 permanent; #此处为域名
        }
}

Sean

Windows下部署Nginx