最近一個支付項目,需要訪問外部支付接口,所以使用Nginx做一個正向代理,讓其使用。
記錄過程如下:
新增一個代理server
server {
resolver 114.114.114.114; #指定DNS服務器IP地址
listen 192.168.0.28:10080;
location / {
proxy_pass http://$host; #設定代理服務器的協議和地址
proxy_set_header HOST $host;
proxy_buffers 256 4k;
proxy_max_temp_file_size 0k;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_next_upstream error timeout invalid_header http_502;
}
}
重啟服務后,在另一台服務器上測試是否可用
[root@appserver33 APP]# curl -I http://www.qq.com -x 192.168.0.28:10080
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Fri, 17 Dec 2021 10:19:19 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
Location: https://www.qq.com/
# 通過全局設置代理
[root@appserver33 APP]# export http_proxy='192.168.0.28:10080'
[root@appserver33 APP]# curl -I http://www.qq.com
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.20.1
Date: Fri, 17 Dec 2021 10:22:12 GMT
Content-Type: text/html
Content-Length: 151
Connection: keep-alive
Location: https://www.qq.com/
通過代理訪問http協議以實現。
發現問題,無法訪問https協議
[root@appserver33 APP]# curl -I https://www.qq.com -x 192.168.0.28:10080
HTTP/1.1 400 Bad Request
Server: nginx/1.20.1
Date: Fri, 17 Dec 2021 10:26:41 GMT
Content-Type: text/html
Content-Length: 157
Connection: close
curl: (56) Received HTTP code 400 from proxy after CONNECT
通過查找資料發現: 默認nginx沒有加載https的代理模塊,通過打補丁的方式,然后編譯安裝就可以。
https://github.com/chobits/ngx_http_proxy_connect_module
我這里因為只需要代理http協議,就沒有往下走了。
傳統的正向代理軟件還有: squid