Nginx
nginx 作為 macOS 伺服器的 apache 的反向代理
我想在 macOS 上使用 nginx 作為伺服器 apache 的反向代理。我管理預設 macOS 伺服器的 apache 以在 HTTP 埠 4780 和 HTTPS 埠 47443 上執行。配置位於此處:
/Library/Server/Web/Config/Proxy/apache_serviceproxy.conf
現在 nginx 的部分:我希望 nginx 在 subdomain 上代理伺服器的 apache
server.example.com
。對於 HTTP,它像魅力一樣工作,但 HTTPS 是問題,因為證書在 apache 中,而不是在 nginx 中……
HTTP 配置:
server { listen 80; listen [::]:80; server_name server.example.com; #charset koi8-r; access_log /logs/server.access.log main; error_log /logs/server.error.log error; location / { proxy_pass http://localhost:4780; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
HTTPS 配置:
server { listen 443; listen [::]:443; server_name server.example.com; #charset koi8-r; access_log /logs/server.access.log main; error_log /logs/server.error.log error; location / { proxy_pass https://localhost:47443; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
對於 HTTP 它可以工作,但對於 HTTPS 不能:
Safari can't establish a secure connection to the server
如何做呢?
在 HTTPS 配置中的 server_name 下添加以下兩行:
ssl_certificate /path/to/your/certificate_file; ssl_certificate_key /path/to/your/private_key_file;
並在監聽指令中添加
ssl
選項。您的配置將如下所示:
server { listen 443 ssl; listen [::]:443 ssl; server_name server.example.com; ssl_certificate /path/to/your/certificate_file; ssl_certificate_key /path/to/your/private_key_file; #charset koi8-r; access_log /logs/server.access.log main; error_log /logs/server.error.log error; location / { proxy_pass https://localhost:47443; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }