Bypass https by NGINX as proxy server

2019-06-14 04:21发布

站内问答 / 后端开发
335 1 4

I used nginx as regular proxy server. However, it only works with http but not https. It returns an error page for the https requests.Is there a way to configure NGINX for it to bypass https?

worker_processes auto;
events {
  worker_connections 1024;
}


http {
  include mime.types;
  default_type application/octet-stream;
  sendfile on;
  keepalive_timeout 65;

  server {
     resolver 114.114.114.114;
     listen 8228;
     server_name localhost;
     location / {
       proxy_pass $scheme://$http_host$request_uri;
       proxy_set_header Host $http_host;
       proxy_buffers 256 4k;
     }

  error_page 500 502 503 504 /50x.html;
  location = /50x.html {
     root html;
  }
  }

标签: nginx
举报
1条回答
We Are One
2楼-- · 2019-06-14 04:35

You have to add new server location with https-related settings, this might do the job:

server {
   resolver 114.114.114.114;

   // note the port is changed, you can't serve HTTP and HTTPS on same port
   listen 8229 ssl;

   // here you must place valid certificates (may be self-singed)
   // startssl example:
   // # (cat example.com.pem & wget -O - https://www.startssl.com/certs/class1/sha2/pem/sub.class1.server.sha2.ca.pem) | tee -a /etc/nginx/ssl/domain.pem > /dev/null
   ssl_certificate /etc/nginx/domain.pem;

   // private key decoded, example
   // # openssl rsa -in decoded.key -out domain.key
   ssl_certificate_key /etc/nginx/domain.key;

   server_name localhost;

   location / {
       proxy_pass $scheme://$http_host$request_uri;
       proxy_set_header Host $http_host;
       proxy_buffers 256 4k;
   }

There are lots of optional parameters for HTTPS configuration you must use on production for sufficient security, I've already described really good security configuration on github gist by link, also official documentation on ssl module is a good point for start.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)