您的位置:首页 > 运维架构 > Nginx

nginx配置ssl

2015-11-08 16:20 549 查看

原文地址


配置文件

worker_processes  8;
worker_rlimit_nofile 65535;

#pid        logs/nginx.pid;

events {
use epoll;
worker_connections  8192;
}

http {
include       mime.types;
default_type  application/octet-stream;

log_format  main  '$cookie_sessionid $http_cookie $host $http_host $proxy_host $server_name $remote_addr - $remote_user [$time_local] "$request" '
'$status  $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$ssl_protocol $ssl_cipher $upstream_addr $request_time $upstream_response_time';

access_log  logs/access.log  main;

sendfile        on;

keepalive_timeout  65;

gzip  off;

upstream backend{
server 192.168.1.1:443;
}

server {
#监听443端口,SSL默认使用端口
listen      443;
server_name  www.go008.com;
#开启SSL功能
ssl                  on;
#证书文件
ssl_certificate      /usr/local/nginx/conf/ssl/crt1.crt;
#私钥文件
ssl_certificate_key  /usr/local/nginx/conf/ssl/key1.key;

#ssl_session_timeout  5m;

location /nstatus {
access_log off;
}

location / {
proxy_pass https://backend; proxy_redirect off;
proxy_set_header Host 192.168.1.1;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Cookie $http_cookie;
chunked_transfer_encoding off;
proxy_pass_header Set-Cookie;
proxy_cookie_domain 192.168.1.1 www.tops001.com;
}

error_page   500 502 503 504  /50x.html;
location = /50x.html {
root   html;
}
}
}

简要说明

证书制作略

主要配置server块里的ssl相关参数

监听SSL使用的端口,默认443

proxy_pass要以https开头
内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息
标签: 
相关文章推荐
新的分享
章节导航