LVS+KeepaLived+Nginx SSL
制作证书 具体可以参考:
http://www.21andy.com/blog/20100224/1714.html
Nginx SSL配置:
- server {
- listen 80;
- server_name ssl.a.com ;
- rewrite (.*) https://ssl.a.com permanent;
- }
- server {
- listen 443;
- server_name ssl.a.com;
- root /data/ssl;
- index index.html;
- ssl on;
- ssl_certificate /opt/nginx/conf/server.crt;
- ssl_certificate_key /opt/nginx/conf/server.key;
- location ~ .*\.(php|php5)?$ {
- #fastcgi_pass unix:/tmp/php-cgi.sock;
- fastcgi_pass 127.0.0.1:9000;
- fastcgi_index index.php;
- include fastcgi.conf;
- }
- location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
- expires 30d;
- }
- location ~ .*\.(js|css)?$ {
- expires 1h;
- }
- }
rewrite规则可以参考:
http://blog.cafeneko.info/2010/10/nginx_rewrite_note/
现在将域名解析到LVS的地址上面,无论是通过http还是https协议访问ssl.a.com 都将以https协议进行访问
转载于:https://blog.51cto.com/unixlike/785956