【help to configure nginx proxy】

高巍 gwei1016 at gmail.com
Thu Jan 12 08:41:32 UTC 2012


         Hello:

                            I want to config a proxy server to access https
backend, but nginx return 400, I don’t how to config

 

 

 

         My config is:

 

#user  nobody;

worker_processes  3;

 

error_log  logs/error.log;

pid        logs/nginx.pid;

 

 

events {

    worker_connections  1024;

}

 

http {

    include       mime.types;

    default_type  application/octet-stream;

    log_format test '$http_clientip $http_baeuser $remote_user [$time_local]
'

                       '$status $request_length $bytes_sent $request_time '

                       '0 0 0 - - $request - -';

    access_log  logs/access.log  test;

 

    sendfile        on;

    keepalive_timeout  5;

    proxy_connect_timeout    5;

    proxy_read_timeout       60;

    proxy_send_timeout       60;

    proxy_buffer_size        16k;

    proxy_buffers            4 64k;

    proxy_busy_buffers_size  128k;

    proxy_temp_file_write_size 128k;

 

 

    #server {

     #   listen       8086;

        #       resolver 10.65.0.231;

        #location / {

         #              proxy_pass http://$http_host$request_uri;

          #             proxy_next_upstream http_502 http_504 error timeout
invalid_header;

           #            proxy_set_header Host  $host;

            #           proxy_set_header X-Forwarded-For  $remote_addr;

             #          proxy_set_header cookie $http_cookie;

        #}

    #}

    # HTTPS server

    map $scheme $msiis      { http off; https on; }    

    server {

        listen      443; 

        resolver 10.65.0.231;

        ssl on;

        ssl_certificate      /home/work/imgw/nginx/ssl/cert.crt;

        ssl_certificate_key  /home/work/imgw/nginx/ssl/cert.key;

        ssl_verify_client off;

        #ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;

        ssl_ciphers
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

        ssl_prefer_server_ciphers   on;

 

        location / {

                proxy_pass $scheme://$host$request_uri;

                proxy_set_header X-Forwarded-Proto https;

                proxy_set_header Host  $http_host;

                proxy_set_header X-Forwarded-By   $server_addr:$server_port;

                proxy_set_header X-Forwarded-For  $remote_addr;

                proxy_set_header        Front-End-Https   $msiis;

                proxy_set_header cookie $http_cookie;

 

 

        }

    }

}

 

 

         Thanks to your help!

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120112/342a8023/attachment-0001.html>


More information about the nginx mailing list