qwertty01

@keymao #57 还想要例证，谜语人抬着高贵的手，打下几个网络小鬼惯用的梗，就已经是大发慈悲了。

不明白买苹果还要考虑什么性价比，您这明显不是苹果的目标用户啊

@shiyuu #28 这个我就不太清楚了，你看一下解析配置的有没有问题，或者看一下 access.log

@shiyuu #25 我因为是自己搞着玩得，用的是 mkcert 生成的泛域名证书，然后让浏览器信任一下就可以了

https://www.jianshu.com/p/7cb5c2cffaaa

可以参考我得配置，用域名，https 也能搞定

```
server {
listen 443 ssl;
# listen [::]:443;
server_name test.test.com;
ssl_certificate /etc/nginx/certs/test.com.pem;
ssl_certificate_key /etc/nginx/certs/test.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

access_log /var/log/nginx/https.access.log main;

location / {
root /usr/share/nginx/html;
index index.html index.htm;
}

error_page 404 /404.html;

error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

upstream registry {
server 192.168.31.123:5000;
}
upstream image {
server 192.168.31.222:8080;
}
upstream esxi {
server 192.168.31.77:443;
}
upstream rmi {
server 192.168.31.88:443;
}



server {
listen 443 ssl;
# listen [::]:443;
server_name registry.test.com;
ssl_certificate /etc/nginx/certs/test.com.pem;
ssl_certificate_key /etc/nginx/certs/test.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

access_log /var/log/nginx/https.access.log main;

location / {
proxy_pass http://registry;
}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

server {
listen 443 ssl;
# listen [::]:443;
server_name image.test.com;
ssl_certificate /etc/nginx/certs/test.com.pem;
ssl_certificate_key /etc/nginx/certs/test.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

access_log /var/log/nginx/https.access.log main;

location / {
proxy_pass http://image;
}

error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}

server {
listen 443 ssl;
# listen [::]:443;
server_name esxi.test.com;
ssl_certificate /etc/nginx/certs/test.com.pem;
ssl_certificate_key /etc/nginx/certs/test.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

access_log /var/log/nginx/host.access.log main;

location / {
proxy_pass https://esxi;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}


error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
error_page 404 /404.html;
}

server {
listen 443 ssl;
# listen [::]:443;
server_name rmi.test.com;
ssl_certificate /etc/nginx/certs/test.com.pem;
ssl_certificate_key /etc/nginx/certs/test.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers HIGH:!aNULL:!MD5;

access_log /var/log/nginx/host.access.log main;

location / {
proxy_pass https://rmi;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}


error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
error_page 404 /404.html;
}

```

daocloud 咋样