\u7531\u4e8e\u9879\u76ee\u9700\u8981 \u8d1f\u8f7d\u5747\u8861\u7531NBL \u8f6c\u6210nginx \u53cd\u5411\u4ee3\u7406\u3002\u8003\u8651\u90fd\u662fhttps\u6a21\u5757\uff0c\u6240\u4ee5\u8bc1\u4e66\u6210\u4e86\u4e2a\u96be\u9898\u3002<\/p>\n
\u89e3\u51b3\u65b9\u6848\uff1a<\/p>\n
1.\u4e0b\u8f7dopenssl(windows \u5b89\u88c5\u5305)<\/p>\n
2.\u6253\u5f00bin\/\u4e0b\u9762\u7684openssl.exe<\/p>\n
3.\u518d\u539f\u6765\u7684IIS\u4e0a\u9762\u628a\u8bc1\u4e66\u5bfc\u51fa.pfx(\u57df\u670d\u52a1\u5668\u8bc1\u4e66\u7533\u8bf7\uff0c\u4e3b\u8981\u9002\u7528\u57df\u5185)<\/p>\n
4.\u5229\u7528openssl \u8fdb\u884c\u8f6c\u5316\uff1a<\/p>\n
openssl pkcs12 -in server.pfx -nodes -out server.pem # \u751f\u6210\u660e\u6587\u6240\u6709\u5185\u5bb9\r\nopenssl rsa -in server.pem -out server.key # \u53d6 key \u6587\u4ef6\r\nopenssl x509 -in server.pem -out server.crt # \u53d6\u8bc1\u4e66<\/pre>\n5.nginx \u4e0a\u9762\u5f00\u59cb\u914d\u7f6e\uff1a<\/p>\n
upstream backend\r\n{\r\n#ip_hash;\r\nserver 10.1.0.245:81;\r\nserver 10.1.0.42:81;\r\n}\r\n server {\r\n listen 80;\r\n listen 443 ssl;\r\n server_name office.dahuatech.com;\r\n ssl_certificate server.crt;\r\n ssl_certificate_key server.key;\r\n #ssl_session_cache shared:SSL:1m;\r\n ssl_session_timeout 5m;\r\n ssl_ciphers HIGH:!aNULL:!MD5;\r\n #ssl_prefer_server_ciphers on;\r\n #charset koi8-r;\r\n #access_log logs\/host.access.log main;\r\n\r\n location \/ {\r\n proxy_pass http:\/\/backend;\r\n #Proxy Settings\r\n proxy_redirect off;\r\n proxy_set_header Host $host;\r\n proxy_set_header X-Real-IP $remote_addr;\r\n proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;\r\n proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;\r\n proxy_max_temp_file_size 0;\r\n proxy_connect_timeout 90;\r\n proxy_send_timeout 90;\r\n proxy_read_timeout 90;\r\n proxy_buffer_size 4k;\r\n proxy_buffers 4 32k;\r\n proxy_busy_buffers_size 64k;\r\n proxy_temp_file_write_size 64k;\r\n }<\/pre>\n\u6309\u7167\u4e0a\u9762\u914d\u7f6e\u5c31\u53ef\u4ee5\u3002\u8fd9\u6837\u57df\u5185\u6240\u6709\u7684\u7528\u6237\u90fd\u53ef\u4ee5\u5728\u4fe1\u4efb\u8bc1\u4e66\u5185\u3002<\/p>\n
\u8bb0\u5f55\u4e0b \u9001\u7ed9\u9700\u8981\u7684\u4eba<\/p>\n
OPENSSL \u5b89\u88c5\u5305\u4e0b\u8f7d\uff1aWin32OpenSSL-0_9_8l.zip<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u7531\u4e8e\u9879\u76ee\u9700\u8981 \u8d1f\u8f7d\u5747\u8861\u7531NBL \u8f6c\u6210nginx \u53cd\u5411\u4ee3\u7406\u3002\u8003\u8651\u90fd\u662fhttps\u6a21\u5757 … Continue reading