openssl req -new -x509 -nodes -out server.crt -keyout server.key
?
Generating a 2048 bit RSA private key
.......+++
......................................+++
writing new
private key to ‘server.key‘
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default
value,
If you enter ‘.‘, the field will be left blank.
-----
Country Name (2 letter code) [XX]:CH
State or Province Name (full name) []:bj
Locality Name (eg, city) [Default City]:bj
Organization Name (eg, company) [Default Company Ltd]: 回车
Organizational Unit Name (eg, section) []: 回车
Common Name (eg, your name or your server‘s hostname) []: 回车
Email Address []: 回车
worker_processes 1;
events {
????worker_connections 1024;
}
http {
????include mime.types;
????default_type application/octet-stream;
????sendfile on;
????keepalive_timeout 65;
????upstream www_pools {
??????server 10.0.0.8;
???}
????upstream bbs_pools {
??????server 10.0.0.7;
???}
????upstream blog_pools {
??????server 10.0.0.9;
????}
????server {
????????listen 443 ssl;
????????listen 80;
????????server_name www.etiantian.org;
????????ssl_certificate /application/nginx/key/server.crt;
????????ssl_certificate_key /application/nginx/key/server.key;
????????ssl_session_cache shared:SSL:1m;
????????ssl_session_timeout 5m;
????????ssl_ciphers HIGH:!aNULL:!MD5;
????????ssl_prefer_server_ciphers on;
????????location / {
????????????proxy_pass http://www_pools;
????????????proxy_set_header Host $host;
????????????proxy_set_header X-Forwarded-For $remote_addr;
????????}
????}
????server {
????????listen 80;
????????????server_name bbs.etiantian.org;
????????location / {
????????????proxy_pass http://bbs_pools;
????????????proxy_set_header Host $host;
????????????proxy_set_header X-Forwarded-For $remote_addr;
????????}
????}
????????server {
????????listen 80;
????????????server_name c.etiantian.org;
????????location / {
????????????proxy_pass http://bbs_pools;
????????????proxy_set_header Host $host;
????????????proxy_set_header X-Forwarded-For $remote_addr;
????????}
????}
?
????server {
????????listen 80;
????????????server_name blog.etiantian.org;
????????location / {
????????????proxy_pass http://blog_pools;
????????????proxy_set_header Host $host;
????????????proxy_set_header X-Forwarded-For $remote_addr;
????????}
????}
}
