# 進(jìn)入nginx目錄
[root@hecs-402944 nginx]# cd /etc/nginx/
[root@hecs-402944 nginx]# ls
conf.d     fastcgi.conf          fastcgi_params          koi-utf  mime.types          nginx.conf          scgi_params          uwsgi_params          win-utf
default.d  fastcgi.conf.default  fastcgi_params.default  koi-win  mime.types.default  nginx.conf.default  scgi_params.default  uwsgi_params.default

# 創(chuàng)建ssl目錄
[root@hecs-402944 nginx]# mkdir ssl
[root@hecs-402944 nginx]# cd ssl

[root@hecs-402944 ssl]# openssl genrsa -aes256 -out server.key 2048
Generating RSA private key, 2048 bit long modulus
...........................................................+++
................................................................................................+++
e is 65537 (0x10001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:

# 生成無密碼的server.key
[root@hecs-402944 ssl]# openssl rsa -in server.key -out server.key
Enter pass phrase for server.key:
writing RSA key
[root@hecs-402944 ssl]# ls
server.key

[root@hecs-402944 ssl]# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
## 國(guó)家
Country Name (2 letter code) [XX]:CN
## 省份
State or Province Name (full name) []:heilongjiang
## 城市
Locality Name (eg, city) [Default City]:haerbin
## 公司
Organization Name (eg, company) [Default Company Ltd]:xxxxxxx
## 行業(yè)
Organizational Unit Name (eg, section) []:IT
## 網(wǎng)站
Common Name (eg, your name or your server's hostname) []:www.xxxxxxx.com
## 郵箱
Email Address []:xxxxxx@xxxxxx.com.cn

Please enter the following 'extra' attributes
to be sent with your certificate request
## 兩次回車
A challenge password []:
An optional company name []:
[root@hecs-402944 ssl]# ll
總用量 8
-rw-r--r-- 1 root root 1082 5月  13 09:15 server.csr
-rw-r--r-- 1 root root 1679 5月  13 09:11 server.key

# 生成crt證書文件server.crt
[root@hecs-402944 ssl]# openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650
Signature ok
subject=/C=CN/ST=heilongjiang/L=haerbin/O=dongfangtongwangxin/OU=IT/CN=www.tongtech.com/emailAddress=weirx@mvtech.com.cn
Getting Private key

server {
	   listen 443 ssl http2 default_server;
	   listen [::]:443 ssl http2 default_server;

	   ssl on;
	   ssl_certificate "/etc/nginx/ssl/server.crt";
	   ssl_certificate_key "/etc/nginx/ssl/server.key";
	   ssl_session_cache shared:SSL:1m;
	   ssl_session_timeout 10m;
	   ssl_ciphers HIGH:!aNULL:!MD5;
	   ssl_prefer_server_ciphers on;
	   
        server_name  _;
		
        include /etc/nginx/default.d/*.conf;

        root /opt/vue/dist;

        gzip_static on;

	location / {
         proxy_pass http://localhost:13000;
        }

           # 支持websocket的配置項(xiàng)
	    location /websocket {
	        proxy_pass http://localhost:13000;
	        # WebScoket Support
	        proxy_http_version 1.1;
	        proxy_set_header Upgrade $http_upgrade;
	        proxy_set_header Connection "upgrade";
	    }
        }

#開發(fā)環(huán)境env配置
NODE_ENV=production
VUE_APP_SYSTEM_URL=//172.16.3.30/system
VUE_APP_COMPONENTS_URL=//172.16.3.30/components
VUE_APP_API_BASIC_URL=//172.16.3.30/basic

VUE_APP_SOCKETURL = 'wss://172.16.3.29'