Apache + Tomcat + SSL 负载均衡及数据加密

bxqybxqy 2016-11-02

Apache + Tomcat + SSL 负载均衡及数据加密

 

要想同时实现负载均衡及加密,需要对两个文件进行配置,一个是Apache的/conf/httpd.conf文件,还有一个是SSL的/conf.d/ssl.conf文件。

 

1.配置:ssl.conf

 

<VirtualHost *:443>

 

    SSLEngine on

    SSLProxyEngine on

 

    SSLProtocol all -SSLv2 -SSLv3

    SSLHonorCipherOrder on

    SSLCipherSuite HIGH:!RC4:!MD5:!aNULL:!eNULL:!NULL:!DH:!EDH:!EXP:+MEDIUM

    SSLCertificateFile /etc/httpd/conf/server.crt

    SSLCertificateKeyFile /etc/httpd/conf/server.key

    SSLCertificateChainFile /etc/httpd/conf/ca.crt

 

    ProxyPreserveHost On

    ProxyPass / balancer://cluster/ stickysession=jsessionid nofailover=On

    ProxyPassReverse  / balancer://cluster/

    ServerAdmin [email protected]

    ServerName IP(域名)

    ServerAlias IP(域名)

    ErrorLog "logs/lbtest-error.log"

    CustomLog "logs/lbtest-access.log" common

 

</VirtualHost>

 

2.配置:httpd.conf

 

在httpd.conf末尾加上以下代码

 

ProxyRequests Off

Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED

<proxy balancer://cluster>

    BalancerMember https://IP1(域名) loadfactor=1 route=jvm1

    BalancerMember https://IP2(域名) loadfactor=1 route=jvm2

    ProxySet stickysession=ROUTEID

</proxy>

 

注意:文中红色部分根据个人情况自定义名称

相关推荐