web端拷貝證書與密鑰
scp -rp -P52113 /application/nginx/conf/key 10.0.0.5:/application/nginx/conf/
在nginx負(fù)載均衡服務(wù)端配置
vim /application/nginx/conf/nginx.conf
worker_processes 2;
error_log logs/error.log;
events {
worker_connections 65535;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream server_pools {
server 10.0.0.200:443 weight=1 max_fails=3 fail_timeout=10;
#server 10.0.0.8:443 weight=1 max_fails=3 fail_timeout=10;
#server 10.0.0.9:443 weight=1 max_fails=3 fail_timeout=10;
}
server {
listen 80;
server_name localhost;
rewrite ^(.*)$ https://$host$1 permanent;
}
server {
listen 10.0.0.5:443;
server_name www.abc.com;
#開(kāi)啟 https 注意要添加在server區(qū)塊 不能在http區(qū)塊中放置
ssl on;
ssl_certificate /application/nginx/conf/key/server.crt;
ssl_certificate_key /application/nginx/conf/key/server.key;
location / {
proxy_pass https://server_pools;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
#檢查nginx負(fù)載均衡配置
/application/nginx/sbin/nginx -t
#重啟nginx負(fù)載均衡
/application/nginx/sbin/nginx -s stop
/application/nginx/sbin/nginx
瀏覽器訪問(wèn)測(cè)試
注意修改hosts對(duì)應(yīng)的是負(fù)載均衡的IP地址信息
訪問(wèn)測(cè)試
訪問(wèn)結(jié)果