前后端项目部署到服务器,分别配置SSL
后端项目部署
(1)在项目根目录下新建一个https文件夹,将下载的证书文件放进去
(2)修改项目bin文件夹下的www文件
#!/usr/bin/env node /** * Module dependencies. */ var app = require('../app'); var debug = require('debug')('chinadramaapi:server'); var http = require('http'); var https = require('https'); var fs = require('fs'); var path = require('path'); var privateCrt = fs.readFileSync(path.join(process.cwd(), 'https/1_文件名.crt'), 'utf8'); var privateKey = fs.readFileSync(path.join(process.cwd(), 'https/2_文件名.key'), 'utf8'); const HTTPS_OPTOIN = { key: privateKey, cert: privateCrt }; const SSL_PORT = 443; const httpsServer = https.createServer(HTTPS_OPTOIN, app); httpsServer.listen(SSL_PORT, () => { console.log(`HTTPS Server is running on: https://localhost:${SSL_PORT}`); }); /** * Get port from environment and store in Express. */ var port = normalizePort(process.env.PORT || '3000'); app.set('port', port); /** * Create HTTP server. */ var server = http.createServer(app); /** * Listen on provided port, on all network interfaces. */ server.listen(port); server.on('error', onError); server.on('listening', onListening); /** * Normalize a port into a number, string, or false. */ function normalizePort(val) { var port = parseInt(val, 10); if (isNaN(port)) { // named pipe return val; } if (port >= 0) { // port number return port; } return false; } /** * Event listener for HTTP server "error" event. */ function onError(error) { if (error.syscall !== 'listen') { throw error; } var bind = typeof port === 'string' ? 'Pipe ' + port : 'Port ' + port; // handle specific listen errors with friendly messages switch (error.code) { case 'EACCES': console.error(bind + ' requires elevated privileges'); process.exit(1); break; case 'EADDRINUSE': console.error(bind + ' is already in use'); process.exit(1); break; default: throw error; } } /** * Event listener for HTTP server "listening" event. */ function onListening() { var addr = server.address(); var bind = typeof addr === 'string' ? 'pipe ' + addr : 'port ' + addr.port; debug('Listening on ' + bind); }
(3)上传到服务器,重启
前端项目部署
(1)将下载的证书文件,放到服务端tomcat配置目录下, /etc/tomcat8/conf
(2)修改server.xml文件,添加以下内容
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" #证书保存的路径 keystoreFile="/etc/tomcat8/证书文件名.jks" #密钥库密码 keystorePass="证书密钥" clientAuth="false"/>
(3)重启tomcat