NGINX not routing https requests

I have a reverse proxy with nginx routing to a node web server.

I set up (I thought) SSL on the web server, but it looks like when my browser attempts to resolve the https request, no connection ever starts.

I wanted to ask a couple of questions:

  1. Where do I set up the SSL? On the reverse proxy where the request is first hit? Or the node server where authentication occurs?

  2. What is wrong with my configuration (if that is the problem)?

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-on-ubuntu-14-04

This is the tutorial I used.

Code included (sorry, I totally forgot to include it):

server {
    listen 443 ssl;

    server_name domain www.domain.com;

    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-$
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_stapling on;
    ssl_stapling_verify on;
    add_header Strict-Transport-Security max-age=15768000;

    location / {
        proxy_pass http://app_server_ip:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

server {
    listen 80;
    server_name domain.com www.domain.com;
    return 301 https://$host$request_uri;
}

1. On the reverse proxy.

2. You should configure the nginx file similar to the following (using the upstream parameter):

        upstream api-app {
            least_conn;
            server 127.0.0.1:3000 weight=1 max_fails=0;
        }

        server {
            listen 80;
            # TLS is terminated here, on the reverse proxy
            listen 443 ssl;
            server_name api.domain.net;
            ssl_certificate /etc/letsencrypt/live/api.domain.net/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/api.domain.net/privkey.pem;
            client_max_body_size 2000M;
            large_client_header_buffers 32 128k;

            location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                # Plain HTTP from the proxy to the app named in the upstream block
                proxy_pass http://api-app;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "";
                proxy_set_header Host $host;
                proxy_cache_bypass $http_upgrade;
            }
        }
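
An added example (not part of the question or the answer): a small Python check that parses nginx server blocks like the two configurations above and reports whether any block terminates TLS, whether it enables deprecated protocols, and whether a name served on port 80 is missing from every TLS block. The parser is deliberately minimal and assumes `listen ... ssl` syntax, literal server names (no wildcards or regexes) and no `#`, braces or semicolons inside quoted values; `SAMPLE` is constructed from the question's configuration.

```python
import re

SAMPLE = """# constructed input modelled on the question's two server blocks
server {
    listen 443 ssl;
    server_name domain www.domain.com;
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
server {
    listen 80;
    server_name domain.com www.domain.com;
    return 301 https://$host$request_uri;
}
"""

def server_blocks(conf):
    """Yield {directive: [args]} per server block; nested blocks such as location are skipped."""
    depth, stmt, block, at = 0, [], None, 0
    for tok in re.findall(r"[{};]|[^\s{};]+", re.sub(r"#.*", "", conf)):
        if tok == "{":
            depth += 1
            if stmt == ["server"] and block is None:
                block, at = {}, depth          # 'server {' opens a block at this depth
        elif tok == "}":
            if block is not None and depth == at:
                yield block
                block = None
            depth -= 1
        elif tok == ";":
            if block is not None and depth == at and stmt:
                block.setdefault(stmt[0], []).extend(stmt[1:])
        else:
            stmt.append(tok)
            continue
        stmt = []                              # a '{', '}' or ';' ends the current statement

def audit(conf):
    """Return findings on TLS termination; TLS 1.0/1.1 count as deprecated (RFC 8996)."""
    blocks = list(server_blocks(conf))
    tls = [b for b in blocks if "ssl" in b.get("listen", [])]
    findings = [] if tls else ["no server block has 'listen ... ssl'"]
    covered = {n for b in tls for n in b.get("server_name", [])}
    for b in tls:
        findings += [f"TLS block lacks {d}" for d in ("ssl_certificate", "ssl_certificate_key") if d not in b]
        findings += [f"deprecated protocol enabled: {p}" for p in b.get("ssl_protocols", []) if p in ("TLSv1", "TLSv1.1")]
    plain = {n for b in blocks if b not in tls for n in b.get("server_name", [])}
    return findings + [f"{n} is not named by any TLS server block" for n in sorted(plain - covered)]
```

A name that no TLS block lists is handled by the default server for that port, so the certificate presented may not match it.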
