如何使用Nginx设置SSL Node.js应用服务器

Question

I have node.js app that runs in https://localhost:8080 and it has localhost.crt and localhost.key i want set server with nginx redirect to https://app.example.com (i have installed another certificate with certbot on this sub domain) now im getting 我有在https://localhost:8080中运行的node.js应用程序，并且它具有localhost.crt和localhost.key我想通过nginx将服务器设置为重定向到https://app.example.com （我已经安装了另一个证书此子域上的certbot）现在即时

Unknown ALPN Protocol, expected h2 to be available.If this is a HTTP request: The server was not configured with the allowHTTP1 option or a listener for the unknownProtocol event. 未知的ALPN协议，预期h2可用。如果这是HTTP请求：服务器未配置带有allowHTTP1选项或unknownProtocol事件的侦听器。

in browser, can someone help me with correct nginx server config? 在浏览器中，有人可以帮助我进行正确的Nginx服务器配置吗？ Screenshot also i'm using Digitalocean Droplets with ubuntu 16.04 to setup this here is nginx server i have set. 屏幕快照也我正在使用带有ubuntu 16.04的Digitalocean Droplet进行设置，这是我设置的Nginx服务器。

server {
listen 80;
return 301 https://$host$request_uri;
}

server {

listen 443;
server_name app.mydomain.com;

ssl_certificate           /root/apps/app.mydomain.com/localhost.crt;
ssl_certificate_key       /root/apps/app.mydomain.com/localhost.key;

ssl on;
ssl_session_cache  builtin:1000  shared:SSL:10m;
ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;

access_log            /var/log/nginx/app.access.log;

location / {

  proxy_set_header        Host $host;
  proxy_set_header        X-Real-IP $remote_addr;
  proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header        X-Forwarded-Proto $scheme;

  # Fix the “It appears that your reverse proxy set up is broken" error.
  proxy_pass          https://localhost:8080;
  proxy_read_timeout  90;

  proxy_redirect      https://localhost:8080 https://app.mydomain.com;
}
}

Answer 1

This: 这个：

listen 443;

Should be this: 应该是这样的：

listen 443 ssl;

Why do you want to proxy traffic to 127.0.0.1 via https? 为什么要通过https将流量代理到127.0.0.1？ Seems unnecessary 似乎不必要

Answer 2

Try this configuration, Hope it works. 尝试此配置，希望它能起作用。 All the headers are not required it's based on your applications need and how you are serving the requests fro your application. 并非所有标头都是必需的，它取决于您的应用程序需求以及如何为应用程序处理请求。

server {
listen 80;
return 301 https://$host$request_uri;
}

server {
listen 443;
server_name app.mydomain.com;

ssl on;
ssl_certificate_key       /root/apps/app.mydomain.com/localhost.key;
ssl_certificate           /root/apps/app.mydomain.com/localhost.crt;
ssl_session_cache  builtin:1000  shared:SSL:10m;
ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;

access_log            /var/log/nginx/app.access.log;

location / {
    proxy_set_header        Host $host;
    proxy_pass          http://localhost:8080/;
    proxy_set_header        X-Real-IP $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        X-Forwarded-Proto $scheme;

    proxy_read_timeout  90;
    proxy_buffer_size   128k;
    proxy_buffers   4 256k; 
    proxy_busy_buffers_size 256k;
    proxy_temp_file_write_size 256k;
    proxy_connect_timeout 300s;
}
}

如何使用Nginx设置SSL Node.js应用服务器

问题描述

2 个解决方案

解决方案1
-1 2018-06-30 19:52:57

解决方案2
-1 2018-07-01 07:06:41

如何使用Nginx设置SSL Node.js应用服务器

问题描述

2 个解决方案

解决方案1 -1 2018-06-30 19:52:57

解决方案2 -1 2018-07-01 07:06:41

解决方案1
-1 2018-06-30 19:52:57

解决方案2
-1 2018-07-01 07:06:41