Nginx SSL反向代理
时间:2015-01-27 15:21 来源:linux.it.net.cn 作者:IT
Nginx反向代理,用的场景非常之多。Nginx反向代理配置可以参见下本博客内容。那么,nginx的SSL反向代理该如何配置呢?SSL配置请站内搜索,这里就不累述了。
修改nginx.conf配置
server {
listen 443 ssl;
server_name www.ttlsa.com;
ssl_certificate ssl/www.ttlsa.com.crt;
ssl_certificate_key ssl/www.ttlsa.com.key;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass http://www.ttlsa.com;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
proxy_redirect off;
}
}
重启服务
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload
(责任编辑:IT)
|
Nginx反向代理,用的场景非常之多。Nginx反向代理配置可以参见下本博客内容。那么,nginx的SSL反向代理该如何配置呢?SSL配置请站内搜索,这里就不累述了。 修改nginx.conf配置
server {
listen 443 ssl;
server_name www.ttlsa.com;
ssl_certificate ssl/www.ttlsa.com.crt;
ssl_certificate_key ssl/www.ttlsa.com.key;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass http://www.ttlsa.com;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_set_header Accept-Encoding "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
add_header Front-End-Https on;
proxy_redirect off;
}
}
重启服务# /usr/local/nginx/sbin/nginx -t # /usr/local/nginx/sbin/nginx -s reload(责任编辑:IT) |