Nginx SSL反代谷歌搜索
1.材料
1.SSL证书 一枚
2.国外VPS 一只
3.域名 一只
2.演示环境
1.ramnode家小鸡
2.centos6 64bit
3.nginx
3.步骤
1.安装Nginx
cd /etc/yum.repos.d/ vi nginx.repo [nginx] name=nginx repo baseurl=http://nginx.org/packages/centos/6/$basearch/ gpgcheck=0 enabled=1 yum install nginx -y
2.新建nginx的主机conf文件.假设你的域名为g.a.com
touch /etc/nginx/conf.d/g.a.com.conf
3.在新建的g.a.com.conf文件中写入下列内容.注意证书位置和你的域名g.a.com
server { listen 443 ssl; listen 80; server_name g.a.com; ssl on; ssl_certificate encrypt/g.a.com.crt;#SSL证书位置 ssl_certificate_key encrypt/g.a.com.key;#SSL证书位置 ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; #access_log logs/google.access.log;#可自行选择是否开启日志 location / { proxy_pass https://www.google.com.hk; proxy_redirect ~^https://www.google.com.hk(.*) https://g.a.com$1; proxy_redirect ~^https://www.google.com(.*) https://g.a.com$1; } error_page 497 https://$host$uri?$args; }
4.新建目录encrypt 将你对应证书的修改好名字和后缀放进去。
mkdir /etc/nginx/encrypt
5.重启Nginx
service nginx restart
6.解析域名g.a.com到该VPS
4.补充
如果你也用的ramnode家的小鸡,请在重启nginx之前,干掉自带的httpd服务。
赞
谷歌搜索Nginx