[英]SSL support Docker Swarm with Nginx
我正在嘗試使用在docker群上運行的Nginx設置SSL,但是遇到了問題。 一切看起來正確,但是我提出的任何請求都掛起,直到得到502。我確保在撰寫文件中公開端口443。 這是我得到的Nginx錯誤:
*7 peer closed connection in SSL handshake while SSL handshaking to upstream, client: 10.255.0.2, server: subdomain.mysite.com, request: "GET /api-v1/user-login HTTP/2.0", upstream: "https://10.0.0.6:5051/api-v1/user-login", host: "subdomain.mysite.com"
這是我的nginx default.conf的相關部分:
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_protocols SSLv3 TLSv1;
upstream siteStage {
ip_hash;
server siteStage:5051;
}
server {
listen 443 ssl http2 ;
server_name subdomain.mysite.com;
ssl on;
ssl_certificate /path/provided.crt;
ssl_certificate_key /path/client.key;
ssl_client_certificate /path/ca.crt;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_verify_client off;
location / {
proxy_ssl_certificate /etc/ssl/client.pem;
proxy_ssl_certificate_key /etc/ssl/client.key;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_ciphers HIGH:!aNULL:!MD5;
proxy_ssl_session_reuse on;
proxy_pass https://siteStage/;
}
}
原來這是我的Nginx配置。 這是我最終使它工作的方式:
# No upstream
server {
listen 80;
listen 443 ssl default_server;
server_name subdomain.mysite.com;
ssl on;
ssl_certificate /path/provided.crt;
ssl_certificate_key /path/client.key;
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
location / {
proxy_pass http://siteStage:5051/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto "https";
}
}
實現 Nginx 容器用於反向代理和 SSL 證書 Django 容器在 ZC5FD227SCDD0D22BA5 內
[英]Implementation of Nginx Container for Reverse Proxying and SSL certificates for Django Containers inside Docker Swarm
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.