我有一个主Nginx服务器决定传入服务器名称将请求路由到哪里.对于两个辅助服务器,此主Nginx服务器也持有ssl证书和密钥.第三台服务器持有自己的证书和密钥,因为它们经常有更新过程.
我现在的问题是如何配置主Nginx服务器以将所有请求转发到服务器3,这些请求将进入此服务器.我无法将证书和密钥从服务器3复制到主服务器,因为它们经常更改.
最佳答案
这是一个可能有用的配置.代理通过master并将所有内容转发给Server3.使用ssl端口但关闭ssl.
server {
listen 443;
server_name myserver.mydomain.whatever;
ssl off;
access_log /var/log/Nginx/myserver.access.log;
error_log /var/log/Nginx/myserver.error.og;
keepalive_timeout 60;
location / {
set $fixed_destination $http_destination;
if ( $http_destination ~* ^https(.*)$)
{
set $fixed_destination http$1;
}
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Destination $fixed_destination;
# Fix the “It appears that your reverse proxy set up is broken" error.
# might need to explicity set https://localip:port
proxy_pass $fixed_destination;
# force timeout if backend died.
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_read_timeout 90;
proxy_redirect http:// https://;
}
}