在Nginx中修改跨域配置非常简单,只需要在虚拟主机配置文件中添加以下内容:add_header Access-Control-Allow-Origin *; add_header Access-Control-Allow-Methods GET, POST, OPTIONS;add_header Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type; add_header Access-Control-Max-Age 1728000; 其中,Access-Control-Allow-Origin用于指定允许跨域请求的域名,Access-Control-Allow-Methods用于指定允许跨域请求的HTTP方法,Access-Control-Allow-Headers用于指定允许跨域请求的HTTP头,Access-Control-Max-Age用于指定允许跨域请求的缓存时间。二、nginx配置https详解?
https配置步骤:1、申请SSL证书;2、在Nginx服务器上面安装SSL证书:(1)将证书文件(.crt文件)放到指定目录下,例如:/usr/local/nginx/conf/cert(2)将私钥文件(.key文件)放到指定目录,例如/usr/local/nginx/conf/ssl(3)若为CA机构签发证书,需要将中间证书文件放到指定目录下,例如/usr/local/nginx/conf/certs3、修改Nginx配置文件:(1)打开/etc/nginx/nginxnf文件(2)在http部分增加如下配置ssl on;ssl_certificate /usr/local/nginx/conf/cert/xxx.crt;ssl_certificate_key /usr/local/nginx/conf/ssl/xxx.key;ssl_session_cache shared:SSL:1m;ssl_session_timeout 5m;(3)如果是CA证书,还需要增加配置ssl_client_certificate /usr/local/nginx/conf/certs/xxx.crt;4、重新加载Nginx配置文件:nginx -s reload5、测试配置是否正确:(1)curl -k https://www.xxx (测试https是否正常)(2)openssl s_client -connect www.xxx:443 (检查ssl证书是否安装正确)
