安装 Squid

shell复制

yum install -y squid

配置 Squid

vi /etc/squid/squid.conf

shell复制

http_port 3128
acl payserver src 10.10.22.33 #允许访问的IP
acl SSL_ports port 443
acl CONNECT method CONNECT
http_access allow payserver CONNECT SSL_ports
http_access deny all

启动 Squid

shell复制

systemctl enable squid
systemctl restart squid

防火墙放行

shell复制

firewall-cmd --permanent --add-port=3128/tcp
firewall-cmd --reload

临时测试

shell复制

export https_proxy=http://前置机IP:3128
curl -v https://api.mch.weixin.qq.com

Docker 配置

nonProxyHosts 根据现场修改

shell复制

    environment:
      - JAVA_OPTS=-Dhttps.proxyHost=前置机IP -Dhttps.proxyPort=3128 -Dhttp.proxyHost=前置机IP -Dhttp.proxyPort=3128 -Dhttp.nonProxyHosts=localhost|127.*|10.*|172.18.*