nginx代理https后端

发表于2019-10-10由Zeno Chen

这里采用的新域名和老域名是同一个域名
域名的源服务器解析写在/etc/hosts里面
域名的代理服务器解析由外部dns完成

upstream signSrv {
    server dfmen.com:443 weight=3;
}

server {
    listen 443 ssl http2 fastopen=3 reuseport;
    server_name dfmen.com;
    ssl_certificate /etc/nginx/ssl/dfmen.com.pem;
    ssl_certificate_key /etc/nginx/ssl/dfmen.com.key;
    ssl_session_timeout 5m;
    ssl_protocols SSLv2 SSLv3 TLSv1.2;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;

    #root        /srv/http/dfmen.com;

    #charset koi8-r;

    access_log  /var/log/nginx/dfmen.com.access.log;
    error_log   /var/log/nginx/dfmen.com.error.log;

    location / {
        root         html;

        proxy_pass         https://signSrv/;
        proxy_set_header          Host     "dfmen.com";
        proxy_ssl_certificate     /etc/nginx/ssl/dfmen.com.pem;
        proxy_ssl_certificate_key /etc/nginx/ssl/dfmen.com.key;
        proxy_ssl_session_reuse off;
        index              index.php index.html index.htm;
    }

}

关于Zeno Chen

本人涉及的领域较多，杂而不精程序设计语言: Perl, Java, PHP, Python; 数据库系统: MySQL,Oracle; 偶尔做做电路板的开发，主攻STM32单片机

查看由Zeno Chen发表的所有文章 →

此条目发表在Linux分类目录。将固定链接加入收藏夹。