Apache + Tomcat + SSL 负载均衡及数据加密
Apache + Tomcat + SSL 负载均衡及数据加密
要想同时实现负载均衡及加密,需要对两个文件进行配置,一个是Apache的/conf/httpd.conf文件,还有一个是SSL的/conf.d/ssl.conf文件。
1.配置:ssl.conf
<VirtualHost *:443>
SSLEngine on SSLProxyEngine on
SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM SSLCertificateFile /etc/httpd/conf/server.crt SSLCertificateKeyFile /etc/httpd/conf/server.key SSLCertificateChainFile /etc/httpd/conf/ca.crt
ProxyPreserveHost On ProxyPass / balancer://cluster/ stickysession=jsessionid nofailover=On ProxyPassReverse / balancer://cluster/ ServerAdmin [email protected] ServerName IP(域名) ServerAlias IP(域名) ErrorLog "logs/lbtest-error.log" CustomLog "logs/lbtest-access.log" common
</VirtualHost> |
2.配置:httpd.conf
在httpd.conf末尾加上以下代码
ProxyRequests Off Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED <proxy balancer://cluster> BalancerMember https://IP1(域名) loadfactor=1 route=jvm1 BalancerMember https://IP2(域名) loadfactor=1 route=jvm2 ProxySet stickysession=ROUTEID </proxy> |
注意:文中红色部分根据个人情况自定义名称