CentOS 7.X下 — 配置nginx正向代理支持https

  • A+

一、说明

1.1、需求说明

由于服务器在国外,偶尔有请求国内的需求(连接性不好,有超时),在香港弄一台Nginx正向代理,让程序请求代理服务器,代理服务器去请求目标服务器,然后获取数据,逻辑图如下:
国外服务器 --> 香港Nginx代理 --> 国内服务器

1.2、环境说明

本次测试使用的操作系统为:CentOS 7.2 x86 64位 最小化安装的操作系统,
系统基础优化请参考:https://www.zhuimengren.co/suiji/933.html

二、安装与配置Nginx

2.1、安装Nginx

nginx安装请参考:https://www.zhuimengren.co/suiji/788.html

2.2配置Nginx

# cat nginx.conf
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;

#HTTP proxy       #这里位http的正向代理配置
    server{
        resolver 8.8.8.8;
        access_log /var/log/nginx/access_proxy-80.log main;
    listen 80;
    location / {
    root html;
    index index.html index.htm;
    proxy_pass $scheme://$host$request_uri;
    proxy_set_header HOST $http_host;
    proxy_buffers 256 4k;
    proxy_max_temp_file_size 0k;
    proxy_connect_timeout 30;
    proxy_send_timeout 60;
    proxy_read_timeout 60;
    proxy_next_upstream error timeout invalid_header http_502;
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
        }
    }

#HTTPS proxy        #这里为:https的正向代理配置      
    server{
    resolver 8.8.8.8;
    access_log /var/log/nginx/access_proxy-443.log main;
    listen 443;
    location / {
    root html;
    index index.html index.htm;
    proxy_pass https://$host$request_uri;
    proxy_buffers 256 4k;
    proxy_max_temp_file_size 0k;
    proxy_connect_timeout 30;
    proxy_send_timeout 60;
    proxy_read_timeout 60;
    proxy_next_upstream error timeout invalid_header http_502;
    }
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    root html;
    }
    }
}
# /usr/local/nginx/sbin/nginx -t
# /usr/local/nginx/sbin/nginx -s reload

2.3、测试

  • 如果访问HTTP网站,可以直接这样的方式: curl --proxy proxy_server-ip:80 http://www.hm.net/ ,结果如下:
    CentOS 7.X下 -- 配置nginx正向代理支持https
  • 如果访问HTTPS网站,例如https://www.alipay.com,那么可以使用nginx的HTTPS转发的server:
    curl --proxy proxy_server:443 http://www.alipay.com
    CentOS 7.X下 -- 配置nginx正向代理支持https
  • 浏览器使用代理配置
    CentOS 7.X下 -- 配置nginx正向代理支持https

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: