Nginx forward proxy http and https in CentOS VM instances

Nginx forward proxy http and https in CentOS VM instances
Forward proxy http

In the Directory/apps/conf/nginx/vhostsCreate a new file, such as a.test.com. The file content is as follows:

Server {listen 80; server_name a.test.com; location/{expires 302400 s; proxy_pass url; // customize the http protocol url} access_log/apps/logs/nginx/a.test.com. log log_access ;}

Then add

include      /apps/conf/nginx/vhosts/*.com;

Restart nginx and configure the host with server_name locally to implement the http forward proxy.

Test proxy

curl --proxy ip:80 http://a.test.com

Forward proxy https

Because Nginx does not support CONNECT, it cannot forward proxy Https websites. If you access an Https website such as a https://www.baidu.com, The Nginx access. log is as follows: "CONNECT www.baidu.com: 443 HTTP/1.1" 400

Nginx uses the ssl module to configure HTTPS support

OpenSSL is used here. You can create a certificate and a private key under the nginx conf directory to create the private key of the server. The command will allow you to enter a password.

openssl genrsa -des3 -out server.key 1024

Create the certificate (CSR) of the signature request)

openssl req -new -key server.key -out server.csr

Enter some certificate information after this command. For details, refer to [2].

Country Name (2 letter code) [XX]:State or Province Name (full name) []:Locality Name (eg, city) [Default City]:Organization Name (eg, company) [Default Company Ltd]:Organizational Unit Name (eg, section) []:Common Name (eg, your name or your server's hostname) []:Email Address []:

Remove the required password when loading SSL-supported Nginx and using the above Private Key

cp server.key server.key.orgopenssl rsa -in server.key.org -out server.key

Mark the certificate with the above private key and CSR

openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

The configuration content below is a bit similar to that of the forward proxy http. the following file example is also used.

Server {listen 443; server_name a.test.com; ssl on; ssl_certificate/apps/conf/nginx/conf/server. crt; ssl_certificate_key/apps/conf/nginx/conf/server. key; location/{expires 302400 s; proxy_pass https: // XXXX; // here It Can Be http or https} access_log/apps/logs/nginx/a.test.com. log log_access ;}

Then configure the local host to proxy the https request. You can also redirect http requests to https, as shown in the following Configuration:

server {    listen 80;    server_name a.test.com;    rewrite ^(.*) https://$server_name$1 permanent;}

[Reference] [1] configuring HTTPS support using the ssl module in nginx [2] configuring SSL Certificate in Nginx + building an HTTPS website tutorial