OMC/build.ems
1
0
Fork 0
Code Issues Activity

fix: certs renew

Browse Source
This commit is contained in:
simonzhangsz
2024-01-10 11:36:11 +08:00
parent 3fd8d21e2c
commit 53c5ef5457
1 changed files with 13 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
build/etc/nginx/conf.d/omc.conf
View File

@@ -1,16 +1,22 @@
server { server {
listen 4443 ssl; listen 4443 ssl;
listen [::]:4443 ssl; listen [::]:4443 ssl;
server_name 0.0.0.0; server_name 0.0.0.0;
root /usr/local/omc/htdocs/front/; root /usr/local/omc/htdocs/front/;
index index.html index.htm; index index.html index.htm;
server_name localhost; server_name localhost;
# SSL # SSL
ssl_certificate /usr/local/omc/etc/certs/ca_cert.pem; ssl_certificate /usr/local/omc/etc/certs/omc-server.crt;
ssl_certificate_key /usr/local/omc/etc/certs/private_key.pem; ssl_certificate_key /usr/local/omc/etc/certs/omc-server.key;
#ssl_certificate /usr/local/omc/etc/certs/tsa-omc.pem;
#ssl_certificate_key /usr/local/omc/etc/certs/tsa-omc_pri.pem;
# CA, 自定义
ssl_client_certificate /usr/local/omc/etc/certs/omc-ca.crt;
ssl_verify_client on;
# ssl ciphers
ssl_protocols TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
# location /api/rest/securityManagement { # location /api/rest/securityManagement {
# proxy_pass http://127.0.0.1:5050; # proxy_pass http://127.0.0.1:5050;
# } # }