upstream backend.example.com {
    server backend1.example.com:443;
    server backend2.example.com:443;
}

server {
    listen 80;
    server_name www.example.com;
    ...

    location /upstream {
        proxy_pass https://backend.example.com;
        # Client certificate and key that nginx presents to the upstream
        proxy_ssl_certificate /etc/nginx/client.pem;
        proxy_ssl_certificate_key /etc/nginx/client.key;
        proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        proxy_ssl_ciphers HIGH:!aNULL:!MD5;
        # CA bundle used to verify the upstream's certificate
        proxy_ssl_trusted_certificate /etc/nginx/trusted_ca_cert.crt;
        proxy_ssl_verify on;
        proxy_ssl_verify_depth 2;
        proxy_ssl_session_reuse on;
    }
}
Reference: https://docs.nginx.com/nginx/admin-guide/security-controls/securing-http-traffic-upstream/

In this case, nginx is actually the HTTPS client, so it should not need a certificate.
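
A small audit of the `proxy_ssl_*` directives in a location block like the one above. This is an added example, not code from the original page or from nginx; the function names `directives` and `audit` are hypothetical, and the parser assumes simple `name args;` directives with no quoted strings.

```python
import re

# Constructed sample: the location block from this page.
SAMPLE = """
location /upstream {
    proxy_pass https://backend.example.com;
    proxy_ssl_certificate /etc/nginx/client.pem;
    proxy_ssl_certificate_key /etc/nginx/client.key;
    proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    proxy_ssl_ciphers HIGH:!aNULL:!MD5;
    proxy_ssl_trusted_certificate /etc/nginx/trusted_ca_cert.crt;
    proxy_ssl_verify on;
    proxy_ssl_verify_depth 2;
    proxy_ssl_session_reuse on;
}
"""
LEGACY = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}

def directives(block):
    """Return {name: [args]} for each directive, after stripping comments."""
    found = {}
    for stmt in re.split(r"[;{}]", re.sub(r"#[^\n]*", "", block)):
        parts = stmt.split()
        if parts:
            found[parts[0]] = parts[1:]
    return found

def audit(block):
    """Return a list of findings about upstream TLS settings (empty = clean)."""
    d = directives(block)
    findings = [f"{name}: directive name inside arguments, missing ';'?"
                for name, args in d.items()
                if any(a.startswith("proxy_") for a in args)]
    if not (d.get("proxy_pass") or [""])[0].startswith("https://"):
        return findings + ["proxy_pass is not https: proxy_ssl_* settings unused"]
    if d.get("proxy_ssl_verify") != ["on"]:  # nginx default is off
        findings.append("proxy_ssl_verify is not on: upstream certificate unchecked")
    elif "proxy_ssl_trusted_certificate" not in d:
        findings.append("proxy_ssl_verify on but no proxy_ssl_trusted_certificate")
    if ("proxy_ssl_certificate" in d) != ("proxy_ssl_certificate_key" in d):
        findings.append("client certificate and key must be set together")
    legacy = sorted(LEGACY & set(d.get("proxy_ssl_protocols", [])))
    if legacy:
        findings.append("legacy protocols enabled: " + " ".join(legacy))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```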