frp https穿透配置_nuifrp

转载于 http://blog.c7d8.com/blog/17.html ，原文可能有更新，以原文为准
由于网络上这部分资料比较模糊，所以写下来分享一下，希望能帮到各位

首先我们必须要明白frp只是作为流量通道，仅按照配置转发相应请求到目的地即可

s首先你需要确认你的frps(frp服务端)是监听了https所需要的相应端口的（比如443） 你可以尝试使用

[xxx-demo-https]
type = https
local_ip = 192.16.1.113
local_port = 8443
use_encryption = false
use_compression = true
subdomain = xxxx
1
2
3
4
5
6
7

这里需要将公网的流量转发到一台可以配置证书的服务器上去，这里我们选择的是nginx，https可以选择免费的单域名证书，nginx配置如下

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;


    # xxxx-uat.xxx.com
    upstream xxxx-uat.xxx.com {
        ## Can be connect with "multi-host-network" network
        # discovery_discovery.1.sfxxuw5nek99zwebi0nuil7ed
        server 172.16.1.110:8060;
    }
    # HTTPS server
    #
    server {
        listen       8443 ssl;
        server_name  xxxx-uat.xxx.com;
        ssl on;
        ssl_certificate      cert/214610342030812.pem;
        ssl_certificate_key  cert/214610342030812.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers  on;

        location / {
            proxy_pass http://xxxx-uat.xxx.com;
        }
    }
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

这里需要注意

listen       8443 ssl;
server_name  xxxx-uat.xxx.com;
ssl on;
ssl_certificate      cert/214610342030812.pem;
ssl_certificate_key  cert/214610342030812.key;
1
2
3
4
5

完