• centos7 下 apache nginx squid https正向代理 代理服务器

    • apache

    yum install httpd mod_ssl -y

vim /etc/httpd/conf.d/ssl.conf

Listen 443 https
<VirtualHost *:443>
        ServerName example.com
    SSLEngine on
    SSLCertificateFile /cert/server.crt
    SSLCertificateKeyFile /cert/server.key
    ProxyRequests On
    ProxyVia On
    <Proxy *>
        Order deny,allow
        allow from all
    </Proxy>
</VirtualHost>

systemctl restart httpd

    • nginx

    nginx 默认并不支持代理https需要第三方模块支持

    编译安装nginx

    yum install gc gcc gcc-c++ pcre-devel zlib-devel openssl-devel patch wget -y

    cd /usr/local/src/

    wget http://nginx.org/download/nginx-1.9.2.tar.gz

wget https://github.com/chobits/ngx_http_proxy_connect_module/archive/master.zip

tar -xzvf nginx-1.9.2.tar.gz 

unzip master.zip

cd nginx-1.9.2

patch -p1 < ../ngx_http_proxy_connect_module-master/patch/proxy_connect.patch

./configure --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-stream --add-module=/usr/local/src/ngx_http_proxy_connect_module-master

    make && make install

     nginx配置文件

    vim /usr/local/nginx/conf/nginx.conf

    worker_processes  1;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;

    server {
    listen 443 ssl;
    resolver                       8.8.8.8;
    ssl on;
    ssl_certificate /cert/server.crt;
    ssl_certificate_key /cert/server.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    server_name example.com;
    proxy_connect;
    proxy_connect_allow            443 563;
    proxy_connect_connect_timeout  10s;
    proxy_connect_read_timeout     10s;
    proxy_connect_send_timeout     10s;
    location / {
         proxy_pass https://$host;
         proxy_set_header Host $host;
           }
        }  

}

    /usr/local/nginx/sbin/nginx

    •  squid

    yum install squid -y

vim /etc/squid/squid.conf

https_port 443 cert=/cert/server.crt key=/cert/server.key
dns_nameservers 8.8.8.8
http_access allow all


systemctl restart squid

    浏览器可以借助一个叫 SwitchyOmega 插件代理上网

    官网 https://www.switchyomega.com/

     

    windows10 可以通过系统代理
  • 相关阅读:
    GridSplitterProperties
    软件趋势是什么?
    Chinaren,逐渐变为垃圾了。
    【JS】回调函数示例
    在编程的海洋里 有蟛蜞喜欢在浅滩栖居嬉戏 也有巨鲸在远洋遨游
    【JS】两个计时器的写法
    【Java/Regexp】如何把MyBatis中的占位符#{name} 或是拼接符${name}中的变量名称拿出来
    【JS】利用中国古老的天干地支给文件命名
    【JS】利用闭包自制的沙漏类
    【Java】十进制和十六进制的转换
  • 原文地址:https://www.cnblogs.com/37yan/p/9188292.html
Copyright © 2020-2023  润新知