2023年8月9日 星期三

Apache Reverse Proxy with SSL

憑證掛在 Reverse Proxy, 內部走 HTTP

<VirtualHost *:443>
ServerName test1.pank.org
ServerAdmin pank@pank.org
ErrorLog "/var/log/httpd/test1_error_log"
TransferLog "/var/log/httpd/test1_access_log"
SSLEngine on
ProxyPass / http://192.168.0.27/
ProxyPassReverse / http://192.168.0.27/
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile "/etc/httpd/conf.d/pank.org-crt.pem"
SSLCertificateKeyFile "/etc/httpd/conf.d/pank.org-key.pem"
SSLCertificateChainFile /etc/httpd/conf.d/chain.pem
</VirtualHost>

若後端有多台,建立多個 VirtualHost 區塊即可
Apache 預設就會帶 X-Forwarded-For 到 backend server,不用特別設定

沒有留言:

VMware ESXi 6.5 VMXNET3 known issue

VMware ESXi 6.5 VMXNET3 網卡在遇到 Linux Kernel >= 4.8 時, 會有不定時 Kernel panic 的問題,狀況是機器會自己重開機 ESXi 中的 Event 可以看到 The CPU has been disabled by t...