ðòïåëôù 

  áòèé÷ 

Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 

  óôáôøé 

  ðåòóïîáìøîïå 

  ðòïçòáííù 

ðéûéôå
ðéóøíá












     áòèé÷ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: HTTPS proxy

  • To: nginx-ru@xxxxxxxxx
  • Subject: Re: HTTPS proxy
  • From: å×ÇÅÎÉÊ îÏ×ÉÃËÉÊ <ewgenow@xxxxxxxxx>
  • Date: Wed, 8 Sep 2010 16:22:27 +0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type; bh=KobUBmSJyUbVxAgVQiLakkJSF+XUgY5Tk5qxRHM56t0=; b=mpOuFwB19W66nNYJ4MaEzIfRMO+rCBluDcRayr+TLkskNPz174EtRrPM1iOFfOeaeS k+g7wjxGYV85dh8f3EEwZrZd/SQjca+RuJtPHxDy0TjXwwHXC1rsoHbsvXlJ9AxH7GQN pXjFnHzvmk4x8nfbDDRwy5Cz8V33bv0MJGJNI=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=hbTPVIq9mfZA3ipMWjHu2wW8Ih/+M1sh7wQiD48drEfqfG5hrNKUi893EYOmbrW+bn j6fl9+E14DjYwcvgTGCdiPnEJBy4ZsJy0lkr5LdqXfbS9LJHrq3dbIKulapRZEK+gRRe nHph1fzxzYY7AcUaL+i9lQSsszXggGmodFKhw=
  • In-reply-to: <AANLkTi=-n3+vvrBq5ESO=0a6XbJOxYS5PLaU05FrK_c2@xxxxxxxxxxxxxx>
  • References: <AANLkTikBRdkuag7jG2kRzY8=HR92kXE7Vf0UiQdJ8B-F@xxxxxxxxxxxxxx> <AANLkTi=-n3+vvrBq5ESO=0a6XbJOxYS5PLaU05FrK_c2@xxxxxxxxxxxxxx>
àÒÉÊ Ñ ÞÉÔÁÌ ÜÔÕ ÓÔÁÔØÀ. óÅÒÔÉÆÉËÁÔÙ ÎÁ ÓÅÒ×ÅÒÅ, ÇÄÅ ÓÔÏÉÔ nginx ÏÔÌÉÞÁÀÔÓÑ ÏÔ ÔÅÈ, ËÏÔÏÒÙÅ ÎÁš192.168.1.200 (ÏÎ ÖÅšmail.site.com). íÏÖÅÔ Ó ÎÉÍÉ ÞÔÏ-ÔÏ ÎÕÖÎÏ ÄÅÌÁÔØ?
îÁÓÔÒÏÊËÉ ÐÒÏËÓÉÒÏ×ÁÎÉÑ Õ ÍÅÎÑ ÎÁÈÏÄÑÔÓÑ × ÆÁÊÌÅ /etc/nginx/mail.conf š(ËÏÎÆÉÇ ÓÍ. ÎÉÖÅ), ÐÒÏËÓÉÒÏ×ÁÎÉÅ ÎÁ ÔÏÔ ÖÅ ÓÅÒ×ÅÒ ÎÁ ÐÏÒÔ 443 ÎÁÓÔÒÏÅÎÏ ÐÏ ÁÎÁÌÏÇÉÉ × ÆÁÊÌÅ nginx.conf (ÓÁÍ ÆÁÊÌ × ÒÁÚÄÅÌÅ http ÔÁËÏÊ ÖÅ ÚÁ ÉÓËÌÀÞÅÎÉÅÍ ÈÏÓÔÁ, ÓÅÒÔÉÆÉËÁÔÏ× Éšlocation), ÔÁÍ ×Ó£ ÎÏÒÍÁÌØÎÏ ÒÁÂÏÔÁÅÔ,šproxy_pass ÏÔÒÁÂÁÔÙ×ÁÅÔ, ÔÁË ËÁË É ÏÖÉÄÁÅÔÓÑ.

http {
šš šinclude š š š /etc/nginx/mime.types;
šš šdefault_type šapplication/octet-stream;
šš šlog_format šmain š'$remote_addr - $remote_user [$time_local] "$request" '
šš š š š š š š š š š š'$status $body_bytes_sent "$http_referer" '
šš š š š š š š š š š š'"$http_user_agent" "$http_x_forwarded_for"';
šš šaccess_log š/var/log/nginx/mail.access.log šmain;
šš šsendfile š š š šon;
šš škeepalive_timeout š65;
šš šproxy_set_header š X-Real-IP š š š š$remote_addr; š š
šš šproxy_set_header š X-Forwarded-For š$proxy_add_x_forwarded_for;
šš šserver {
šš listen š š š 2345;
šš š š šserver_name šmail.site.com;
šš š š šssl on;
šš š š šssl_prefer_server_ciphers off;
šš š š šssl_certificate š š š/usr/local/nginx/conf/server.crt;
šš š š šssl_certificate_key š/usr/local/nginx/conf/server.key;

šš š š šaccess_log š/var/log/nginx/mail.access.log šmain;

šš š š šlocation /somemail {
šš š š š š šproxy_pass šhttps://192.168.1.200:443;
š š#proxy_redirect https://mail.site.com:443/somemail/ /;
šš š š š š š#proxy_redirect off;
šš š š š š šproxy_set_header š Host š š š š š š $host;
šš š š š š šproxy_set_header š X-Real-IP š š š š$remote_addr;
šš š š š š šproxy_set_header š X-Forwarded-For š$proxy_add_x_forwarded_for;
šš š š š}
šš š š šlocation / {
šš š š š š šproxy_pass šhttps://192.168.1.200:443;
šš š š š š š#proxy_redirect šhttps://mail.site.com:443/somemail/ /;
šš š š š š šproxy_set_header š Host š š š š š š $host;
šš š š š š šproxy_set_header š X-Real-IP š š š š$remote_addr;
šš š š š š šproxy_set_header š X-Forwarded-For š$proxy_add_x_forwarded_for;
šš š š š}
šš š š š}
}


2010/9/8 Yuriy Taraday <yorik.sar@xxxxxxxxx>
http://nginx.org/en/docs/http/configuring_https_servers.html#name_based_https_servers

ó Õ×ÁÖÅÎÉÅÍ, àÒÉÊ.


_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru


_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru
  • References:

 



Copyright © Lexa Software, 1996-2009.