【help to configure nginx proxy】
高巍
gwei1016 at gmail.com
Thu Jan 12 08:41:32 UTC 2012
Hello:
I want to config a proxy server to access https
backend, but nginx return 400, I don’t how to config
My config is:
#user nobody;
worker_processes 3;
error_log logs/error.log;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format test '$http_clientip $http_baeuser $remote_user [$time_local]
'
'$status $request_length $bytes_sent $request_time '
'0 0 0 - - $request - -';
access_log logs/access.log test;
sendfile on;
keepalive_timeout 5;
proxy_connect_timeout 5;
proxy_read_timeout 60;
proxy_send_timeout 60;
proxy_buffer_size 16k;
proxy_buffers 4 64k;
proxy_busy_buffers_size 128k;
proxy_temp_file_write_size 128k;
#server {
# listen 8086;
# resolver 10.65.0.231;
#location / {
# proxy_pass http://$http_host$request_uri;
# proxy_next_upstream http_502 http_504 error timeout
invalid_header;
# proxy_set_header Host $host;
# proxy_set_header X-Forwarded-For $remote_addr;
# proxy_set_header cookie $http_cookie;
#}
#}
# HTTPS server
map $scheme $msiis { http off; https on; }
server {
listen 443;
resolver 10.65.0.231;
ssl on;
ssl_certificate /home/work/imgw/nginx/ssl/cert.crt;
ssl_certificate_key /home/work/imgw/nginx/ssl/cert.key;
ssl_verify_client off;
#ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass $scheme://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-By $server_addr:$server_port;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Front-End-Https $msiis;
proxy_set_header cookie $http_cookie;
}
}
}
Thanks to your help!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120112/342a8023/attachment-0001.html>
More information about the nginx
mailing list