Nginx SSL反向代理-成长的对话

Nginx反向代理，用的场景非常之多。Nginx反向代理配置可以参见下本博客内容。那么，nginx的SSL反向代理该如何配置呢？SSL配置请站内搜索，这里就不累述了。

修改nginx.conf配置

server {
        listen          443 ssl;
        server_name     www.ttlsa.com;

        ssl_certificate      ssl/www.ttlsa.com.crt;
        ssl_certificate_key  ssl/www.ttlsa.com.key;
     	ssl_prefer_server_ciphers on;
     	keepalive_timeout    60;
	ssl_session_cache    shared:SSL:10m;
     	ssl_session_timeout  10m;
 
     	location / {
	        proxy_pass  http://www.ttlsa.com;
        	proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
                proxy_set_header        Accept-Encoding   "";
	        proxy_set_header        Host            $host;
	        proxy_set_header        X-Real-IP       $remote_addr;
	        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
	        proxy_set_header        X-Forwarded-Proto $scheme;
		add_header              Front-End-Https   on;
	        proxy_redirect     off;
      }
}

server {

listen 443 ssl ;

server_name www . ttlsa . com ;

ssl_certificate ssl / www . ttlsa . com . crt ;

ssl_certificate_key ssl / www . ttlsa . com . key ;

ssl_prefer_server_ciphers on ;

keepalive _timeout 60 ;

ssl_session_cache shared : SSL : 10m ;

ssl_session _timeout 10m ;

location / {

proxy_pass http : //www.ttlsa.com;

proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 ;

proxy_set_header Accept - Encoding "" ;

proxy_set_header Host $ host ;

proxy_set _header X - Real - IP $ remote_addr ;

proxy_set _header X - Forwarded - For $ proxy_add_x_forwarded_for ;

proxy_set _header X - Forwarded - Proto $ scheme ;

add_header Front - End - Https on ;

proxy_redirect off ;

}

重启服务

# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload

1 2	# /usr/local/nginx/sbin/nginx -t # /usr/local/nginx/sbin/nginx -s reload

转载请注明：成长的对话 » Nginx SSL反向代理

修改nginx.conf配置

重启服务

与本文相关的文章