一、前言1.1 正向代理功能比较简单,但是原生Nginx不支持https代理,如果访问https网站,会报错 。
# nginx代理不支持http CONNECT方法:curl: (56) Received HTTP code 400 from proxy after CONNECT1.2 为了实现对https代理的支持,需要对原有nginx源码打补丁,就可以让nginx支持CONNECT模式了 。
https://github.com/chobits/ngx_http_proxy_connect_module#build-openresty
二、下载并安装openrestyshell> yum -y install lua-develshell> wget http://dlsw.91donkey.com/software/source/nginx/openresty-1.15.8.1.tar.gzshell> git clone https://github.com/chobits/ngx_http_proxy_connect_module.gitshell> tar zxf openresty-1.15.8.1.tar.gzshell> vim bundle/nginx-1.15.8/auto/cc/gcc# 将下列代码注释掉,能够减少编译后nginx二级制文件的大小,提高程序执行效率 。# debugCFLAGS="$CFLAGS -g"shell> cd openresty-1.15.8.1shell> ./configure --prefix=/opt/openresty --with-http_stub_status_module --with-http_sub_module--with-http_auth_request_module --with-http_addition_module--add-module=/usr/local/src/ngx_http_proxy_connect_moduleshell> patch -d build/nginx-1.15.8/ -p 1 < /usr/local/src/ngx_http_proxy_connect_module/patch/proxy_connect_rewrite_101504.patchshell> gmake -j 8 && gmake installshell> echo "/opt/openresty/nginx/sbin/nginx" >> /etc/rc.d/rc.localshell> /opt/openresty/nginx/sbin/nginx# 配置nginx vim语法高亮shell> cd /usr/local/src/openresty-1.11.2.5/build/nginx-1.11.2/contrib/vim/shell> mkdir ~/.vim/ && cp -R * ~/.vim/三、配置服务器端nginx正向代理# 在nginx.conf中增加server{}块,具体如下: server { listen 8080; resolver 8.8.8.8; resolver_timeout 5s; proxy_connect; proxy_connect_allow 443 563; proxy_connect_connect_timeout 10s; proxy_connect_read_timeout 10s; proxy_connect_send_timeout 10s; location / { proxy_pass $scheme://$host$request_uri; proxy_set_header Host $http_host; proxy_buffers 256 4k; proxy_max_temp_file_size 0; proxy_connect_timeout 30; } access_log /export/home/logs/proxy/access.log main; error_log /export/home/logs/proxy/error.log; }四、配置终端代理# 在 /etc/profile 文件中增加如下三项 。export proxy="http://{proxy_server_ip}:8080"export http_proxy=$proxyexport https_proxy=$proxy# 使配置生效shell> source /etc/profile作者:龍龍小宝
原文:https://www.cnblogs.com/91donkey/p/11639311.html
【nginx正向https代理配置】
推荐阅读
- Nginx + Tomcat + Redis 架构的负载均衡及会话保持
- 高并发场景下的Nginx优化指南
- Nginx+Tomcat关于Session的管理
- Spring Boot项目如何同时支持HTTP和HTTPS协议
- Nginx的四大用途你都知道吗?
- Mysql数据库连接查询
- MySQL 触发器
- PHP-FPM在Nginx特定配置下任意代码执行漏洞预警
- 一次看懂 Https 证书认证
- 高级前端必须要懂得nginx知识