web端拷贝证书与密钥
scp -rp -P52113 /application/nginx/conf/key 10.0.0.5:/application/nginx/conf/
在nginx负载均衡服务端配置
vim /application/nginx/conf/nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
worker_processes 2; error_log logs/error.log; events { worker_connections 65535; } http { include mime.types; default_type application/octet-stream; sendfile on; keepalive_timeout 65; upstream server_pools { server 10.0.0.200:443 weight=1 max_fails=3 fail_timeout=10; #server 10.0.0.8:443 weight=1 max_fails=3 fail_timeout=10; #server 10.0.0.9:443 weight=1 max_fails=3 fail_timeout=10; } server { listen 80; server_name localhost; rewrite ^(.*)$ https://$host$1 permanent; } server { listen 10.0.0.5:443; server_name www.abc.com; #开启 https 注意要添加在server区块 不能在http区块中放置 ssl on; ssl_certificate /application/nginx/conf/key/server.crt; ssl_certificate_key /application/nginx/conf/key/server.key; location / { proxy_pass https://server_pools; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; } } } |
#检查nginx负载均衡配置
/application/nginx/sbin/nginx -t
#重启nginx负载均衡
/application/nginx/sbin/nginx -s stop
/application/nginx/sbin/nginx
浏览器访问测试
注意修改hosts对应的是负载均衡的IP地址信息
访问测试
访问结果
原文链接:http://blog.51cto.com/13673885/2179036