[英]Create a Reverse Proxy in NodeJS that can handle multiple secure domains
I'm trying to create a reverse proxy in NodeJS. 我正在尝试在NodeJS中创建反向代理。 But I keep running the issue that in that I can only serve one one set of cert/key pair on the same port(443), even though I want to serve multiple domains. 但是我一直在运行这个问题,因为我只能在同一个端口(443)上提供一组证书/密钥对,即使我想服务多个域。 I have done the research and keep running into teh same road block: 我已完成研究并继续遇到同样的路障:
If anyone can show me an example of serving multiple secure domains each with their own certificate from the same port number (443) using NodeJS and either https.createServer or node-http-proxy I would be indebted to you. 如果有人能够向我展示一个服务多个安全域的示例,每个安全域都使用自己的证书来自相同的端口号(443),使用NodeJS和https.createServer或node-http-proxy,我将感激不尽。
Redbird actually does this very gracefully and not too hard to configure either. Redbird实际上非常优雅,也不太难配置。
https://github.com/OptimalBits/redbird https://github.com/OptimalBits/redbird
Let me dynamically server SSL certificates via domain header 让我通过域头动态地为SSL证书服务
There is no domain header so I guess you mean the Host header in the HTTP request. 没有域头,所以我猜你的意思是HTTP请求中的Host头。 But, this will not work because 但是,这不起作用,因为
In former times you would need to have a single IP address for each SSL certificate. 以前,您需要为每个SSL证书提供一个IP地址。 Current browsers do support SNI (server name indication), which sends the expected target host already inside the SSL layer. 当前的浏览器确实支持SNI(服务器名称指示),它发送已经在SSL层内的预期目标主机。 It looks like node.js does support this, look for SNICallback
. 看起来node.js支持这一点,寻找SNICallback
。 But, beware that there are still enough libraries out there, which either don't support SNI on the client side at all or where one needs to use it explicitly. 但是,要注意那里仍然有足够的库,要么根本不支持客户端的SNI,要么显然需要使用它。 But, as long you only want to support browsers this should be ok. 但是,只要您只想支持浏览器,这应该没问题。
Bouncy is a good library to do this and has an example of what you are needing. Bouncy是一个很好的图书馆,并且有一个你需要的例子 。
As Steffen Ullrich says it will depend on the browser support for it 正如Steffen Ullrich所说,它将取决于浏览器对它的支持
Here is the solution you might be looking at, I found it very useful for my implementation though you will need to do huge customization to handle domains 这是您可能正在查看的解决方案,我发现它对我的实现非常有用,但您需要进行大量自定义来处理域
node-http-rev proxy: https://github.com/nodejitsu/node-http-proxy node-http-rev代理: https : //github.com/nodejitsu/node-http-proxy
如何在不同的端口上创建SSL服务器,并使用node-http-proxy作为443上的服务器来根据域中继请求。
You stated you don't want to use nginx for that, and I don't understand why. 你声明你不想使用nginx,我不明白为什么。 You can just setup multiple locations for your nginx. 您可以为nginx设置多个位置。 Have each of them listen to different hostnames and all on port 443. Give all of them a proxypass to your nodejs server. 让他们每个人都在端口443上监听不同的主机名和所有主机名。将所有这些主机名都传递给您的nodejs服务器。 To my understanding, that serves all of your requirements and is state of the art. 根据我的理解,这符合您的所有要求,并且是最先进的。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.