LVS+KeepaLived+Nginx SSL(三)
LVS+KeepaLived+Nginx SSL制作证书 具体可以参考:
http://www.21andy.com/blog/20100224/1714.html
Nginx SSL配置:
[*]server{
[*] listen80;
[*] server_name ssl.a.com ;
[*] rewrite (.*) https://ssl.a.com permanent;
[*] }
[*]server {
[*]
[*] listen 443;
[*] server_name ssl.a.com;
[*] root /data/ssl;
[*] index index.html;
[*] ssl on;
[*] ssl_certificate /opt/nginx/conf/server.crt;
[*] ssl_certificate_key /opt/nginx/conf/server.key;
[*]
[*] location ~ .*\.(php|php5)?$ {
[*] #fastcgi_passunix:/tmp/php-cgi.sock;
[*] fastcgi_pass127.0.0.1:9000;
[*] fastcgi_index index.php;
[*] include fastcgi.conf;
[*] }
[*]
[*] location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
[*] expires 30d;
[*] }
[*]
[*] location ~ .*\.(js|css)?$ {
[*] expires 1h;
[*] }
[*]}
rewrite规则可以参考:
http://blog.cafeneko.info/2010/10/nginx_rewrite_note/
现在将域名解析到LVS的地址上面,无论是通过http还是https协议访问ssl.a.com 都将以https协议进行访问
页:
[1]