Environment Introduction
1.nginx Server: 10.10.54.157
2. Configure the Nginx server, and when you hear from the client www.zijian.com:80 request, go to 10.10.54.150:1500 on this Web server
3. Configure Nginx server to support SSL encrypted transport protocol
Generate the required certificate file for Nginx server
1. Create a Web site certificate store directory shell> mkdir /usr/local/ Nginx/conf/ssl Shell> cd /usr/local/nginx/conf/ssl 2. Make CA certificate shell> openssl genrsa -des3 -out ca.key 2048 shell> openssl req -new -x509 -days 7305  -KEY CA.KEY -OUT CA.CRT 3. Generate the required certificate for Nginx server and sign it with CA shell> openssl genrsa - des3 -out client.key 1024 Shell> openssl req -new -key client.key  -OUT CLIENT.CSR shell> openssl x509 -req -in client.csr -out Client.pem -signkey client.key -ca ca.crt -cakey ca.key -cacreateserial -days 3650 4. View the certificate file Shell> pwd/usr/local/nginx/conf/ssl shell> ls ca.crt Ca.key ca.srl client.csr client.key client.pem
//Configure Nginx Support SSL Transport protocol
shell> vim /usr/local/nginx/conf/nginx.conf------------------------------------------------User
apache apache;
worker_processes 2;
error_log logs/error_nginx.log;
pid logs/nginx.pid;
events { worker_connections 1024;} http { include
Mime.types;
default_type application/octet-stream; log_format main ' $remote _addr - $remote _user [$time _local] "$request" " ' $status $body _bytes_ sent "$http _referer" '           &NBsp; ' "$http _user_agent" "$http _x_
Forwarded_for "';
access_log logs/access_nginx.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
gzip on; server { listen
443;
server_name www.zijian.com;
charset uft-8;
access_log logs/www.access.log main; root /var/www/html; location / {
index index.html index.htm; } ssl
on; ssl_certificate /usr/
LOCAL/NGINX/CONF/SSL/CLIENT.PEM; ssl_certificate_key /usr/local/nginx/conf/ssl
/client.key; }}--------------------------------------------------------#上面的配置只支持https:/ /www.zijian.com access, because the listening port only open 443 ports, the normal HTTP protocol 80 port is not open #要开放http和https, plus the following server------------------------ ------------------------server {    &Nbsp; listen 80;
server_name www.zijian.com;
charset uft-8;
access_log logs/www.access.log main;
root /var/www/html; location / {
proxy_pass http://10.10.54.150:1500; } #当用户使用http协议浏览该网站时, automatically jump to the 10.10.54.150:1500-------------------------------------------- ----