清漆和 SSL

tag-icon tag-icon linux apache-2.2 ssl ssl-certificate varnish
清漆和 SSL

您可以将 Varnish 与 SSL 一起使用吗?

我目前拥有什么。我可以在这里获取 SSL 吗?

backend default {
  .host = "127.0.0.1";
  .port = "8080";
}
#
# Below is a commented-out copy of the default VCL logic.  If you
# redefine any of these subroutines, the built-in logic will be
# appended to your code.
#
 sub vcl_recv {

if (req.http.host == "domain.com$") {
set req.backend = default;
}
     if (req.restarts == 0) {
        if (req.http.x-forwarded-for) {
            set req.http.X-Forwarded-For =
                req.http.X-Forwarded-For ", " client.ip;
        } else {
            set req.http.X-Forwarded-For = client.ip;
        }
     }
     if (req.request != "GET" &&
       req.request != "HEAD" &&
       req.request != "PUT" &&
       req.request != "POST" &&
       req.request != "TRACE" &&
       req.request != "OPTIONS" &&
       req.request != "DELETE") {
#         /* Non-RFC2616 or CONNECT which is weird. */
         return (pipe);
     }
    if (req.request != "GET" && req.request != "HEAD") {
#         /* We only deal with GET and HEAD by default */
         return (pass);
     }
     if (req.http.Authorization || req.http.Cookie) {
#         /* Not cacheable by default */
         return (pass);
     }
     return (lookup);
}

 sub vcl_pipe {
     # Note that only the first request to the backend will have
     # X-Forwarded-For set.  If you use X-Forwarded-For and want to
     # have it set for all requests, make sure to have:
     # set bereq.http.connection = "close";
     # here.  It is not set by default as it might break some broken web
     # applications, like IIS with NTLM authentication.
     return (pipe);
 }

 sub vcl_pass {
     return (pass);
 }

 sub vcl_hash {
     set req.hash += req.url;
     if (req.http.host) {
         set req.hash += req.http.host;
     } else {
         set req.hash += server.ip;
     }
     return (hash);
 }

 sub vcl_hit {
     if (!obj.cacheable) {
         return (pass);
     }
     return (deliver);
 }

 sub vcl_miss {
     return (fetch);
 }

 sub vcl_fetch {
    if (!beresp.cacheable) {
         return (pass);
     }
     if (beresp.http.Set-Cookie) {
         return (pass);
     }
     return (deliver);
 }

 sub vcl_deliver {
     return (deliver);
 }

 sub vcl_error {
     set obj.http.Content-Type = "text/html; charset=utf-8";
     synthetic {"
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
 <html>
   <head>
    <title>"} obj.status " " obj.response {"</title>
   </head>
   <body>
     <h1>Error "} obj.status " " obj.response {"</h1>
     <p>"} obj.response {"</p>
     <h3>Guru Meditation:</h3>
     <p>XID: "} req.xid {"</p>
     <hr>
     <p>Varnish cache server</p>
  </body>
 </html>
 "};
     return (deliver);
 }

答案1

不,varnish 不支持 SSL

相关内容