У меня есть веб-сайт, который использует сертификат Let's Encrypt.Работает нормально, когда не указан порт.Однако я использую порт 4300 для SAP XSEngine, и когда я открываю https://host.com:4300,, он не использует сертификат.
Я бы хотел, чтобы он использовал тот же сертификат на веб-сайте, будь то сили без порта.
Я видел эти сайты, но не смог управлять им, чтобы он заработал:
Текущий код
upstream host01 {
server 1.1.1.1:8100;
}
upstream host02 {
server 2.2.2.2:40000;
}
upstream host03 {
server 3.3.3.3:8443;
}
upstream host04 {
server 2.2.2.2:40000;
}
upstream host05 {
server 4.4.4.4:50000;
}
upstream host06 {
server 5.5.5.5:4300;
}
server {
listen 443 ssl;
server_name host.com;
include snippets/host-ssl.conf;
ssl_session_timeout 10m;
ssl_session_cache shared:WEB:10m;
ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#B1i
location ~* ^(/B1iXcellerator) {
client_max_body_size 30m;
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host03;
}
#Analytics Platform
location ~* ^(/Enablement|/IMCC|/sap|/DemandPlanning) {
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host02;
}
#BAS Gate Keeper
location =/dispatcher/WebSocketService {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_pass https://host01;
}
location ~* (/dispatcher|/dispatcher/.*) {
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host01;
}
#Mobile Service
location ~* (/mobileservice|/mobileservice/.*){
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host04;
}
#ServiceLayer
location ~* ^(/ServiceLayer)$ {
rewrite ^(/ServiceLayer)$ /ServiceLayer/ permanent;
rewrite ^(/servicelayer)$ /ServiceLayer/ permanent;
client_max_body_size 30m;
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host05;
}
location ~* ^(/ServiceLayer/*) {
rewrite ^/ServiceLayer/(.*)$ /$1 break;
rewrite ^/servicelayer/(.*)$ /$1 break;
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host05;
}
#XSEngine
location ~* ^(/XSEngine)$ {
rewrite ^(/XSEngine)$ /XSEngine/ permanent;
rewrite ^(/xsengine)$ /XSEngine/ permanent;
client_max_body_size 30m;
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host06;
}
location ~* ^(/XSEngine/*) {
rewrite ^/XSEngine/(.*)$ /$1 break;
rewrite ^/xsengine/(.*)$ /$1 break;
include b1c_proxy_common.conf;
include b1c_proxy_common_ext.conf;
proxy_set_header HOST $host:$server_port;
proxy_pass https://host06;
}
location ~* \.(exe|sh)|\W(\.|~)\w+ { deny all; }
location /monitoring {
root /var/www/html;
try_files /monitoring.html =404;
}
location / { deny all; }
}