4层证书代理
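# Layer-4 (stream) TLS termination: nginx accepts TLS on port 25510 and relays
# the decrypted TCP stream to the upstream group below.
stream {
    # Upstream server group. `ip` is a placeholder for the backend address.
    upstream tcp-25510 {
        # Consistent hashing on the client address keeps a given client on the
        # same backend.
        hash $remote_addr consistent;
        server ip:5510;
    }

    # Server block listening on port 25510.
    server {
        listen 25510 ssl;  # listen on 25510 with SSL/TLS enabled

        # SSL certificate and private key.
        # The key file should be readable only by the account that starts nginx.
        ssl_certificate     /etc/nginx/key/bundle.crt;
        ssl_certificate_key /etc/nginx/key/com.key;

        # Optional: SSL protocols and cipher suites.
        # ssl_ciphers governs TLS 1.2 and older only; the TLS 1.3 suites are
        # not selected by this list.
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers   HIGH:!aNULL:!MD5;

        # Proxy settings. No proxy_ssl is set, so the hop to the backend is
        # plaintext TCP; keep it on a trusted network segment.
        proxy_pass tcp-25510;

        # Prepends a PROXY protocol header carrying the client address. The
        # backend must be configured to expect it, and should accept it only
        # from this proxy, because the header is trivially forgeable by anyone
        # who can reach the backend port directly.
        proxy_protocol on;

        # NOTE(review): 300s is a long connect timeout; confirm it is intended.
        proxy_connect_timeout 300s;
        proxy_timeout 300s;
    }
}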
7层证书代理
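# Layer-7 (HTTP) TLS termination. Both blocks belong inside the http {} context.

# Upstream group. `ip` is a placeholder for the backend address.
upstream https_8443_to_8443 {
    server ip:8080;

    # Idle keepalive connections to the backend, cached per worker process.
    keepalive 200;
    keepalive_requests 888;
    keepalive_timeout 30s;
}

server {
    listen 8443 ssl;
    server_name www.baidu.com;

    # The key file should be readable only by the account that starts nginx.
    ssl_certificate     /etc/nginx/key/bundle.crt;
    ssl_certificate_key /etc/nginx/key/com.key;

    # Pin protocols and ciphers explicitly (same policy as the layer-4
    # listener) instead of relying on nginx defaults, which differ between
    # versions and may still allow TLS 1.0/1.1.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers   HIGH:!aNULL:!MD5;

    # Only matters when a `resolver` directive is configured; none is set here.
    resolver_timeout 10s;

    location / {
        proxy_set_header Host $host;

        # Overwritten with the address of the directly connected peer, so a
        # client cannot spoof these two headers.
        proxy_set_header X-Real-IP   $remote_addr;
        proxy_set_header X-Real-PORT $remote_port;

        # Appends the peer address to whatever X-Forwarded-For the client sent.
        # The backend must trust only the entry added by this proxy (the last
        # one), never the client-supplied leading values.
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        # HTTP/1.1 with an empty Connection header is required for the upstream
        # keepalive pool to be used.
        proxy_http_version 1.1;
        proxy_set_header Connection "";

        # The hop to the backend is plain HTTP; keep it on a trusted network
        # segment.
        proxy_pass http://https_8443_to_8443;
    }
}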
aws的4层配置证书和相同端口配置多证书