nginx tcp proxy with tls
1
2
| #check tls version
openssl s_client -connect 127.0.0.1:443
|
set yum repo, /etc/yum.repos.d/nginx.repo
1
2
3
4
5
| [nginx]
name=nginx repo
baseurl=http://nginx.org/packages/centos/7/$basearch/
gpgcheck=0
enabled=1
|
https://www.nginx.com/resources/admin-guide/tcp-load-balancing/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| stream {
server {
listen 9000 ssl;
proxy_pass stream_backend;
ssl_certificate /path/to/server.crt;
ssl_certificate_key /path/to/server.key;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
}
upstream stream_backend {
server localhost:7001;
server localhost:7002;
}
}
|
https://aotu.io/notes/2016/08/16/nginx-https/index.html
http://www.ruanyifeng.com/blog/2014/02/ssl_tls.html
http://seanlook.com/2015/05/28/nginx-ssl/
https://imququ.com/post/enable-tls-1-3.html