这儿以https://guge.net反向代理https://encrypted.google.com为例.
证书储存在/root/gugenet/文件夹中.
访问http衔接自动跳转到https链接.
只需把下面的代码拷贝到nginx的配置文件中(一般为nginx.conf),再重启nginx就可.
server
{
listen 443;
server_name guge.net;
ssl on;
ssl_certificate /root/gugenet/guge_net.crt;
ssl_certificate_key /root/gugenet/guge_net.pem;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
location / {
proxy_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_pass https://encrypted.google.com;
}
}
server
{
listen 80;
server_name guge.net;
rewrite ^(.*) https://guge.net/$1 permanent;
}
server
{
listen 80;
server_name www.guge.net;
rewrite ^(.*) https://guge.net/$1 permanent;
}