Nginx

反向代理到 localhost:xxxx 僅適用於 http 而不適用於 https

  • June 15, 2018

我有以下適用於 http 的配置:

server {
   listen 80;
   listen [::]:80;

   server_name subdomain.domain.tech;

   location / {
       proxy_set_header   X-Forwarded-For $remote_addr;
       proxy_set_header   Host $http_host;
       proxy_pass         "http://127.0.0.1:1337";
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection 'upgrade';
       proxy_cache_bypass $http_upgrade;
   }
}

我嘗試使用 https 並訪問https://subdomain.domain.tech我在 nginx 上無限載入且沒有錯誤。HTTPS 配置:

server {
   listen 443 ssl;
   server_name subdomain.domain.tech;

   ssl on;
   ssl_certificate /etc/letsencrypt/live/subdomain.domain.tech/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/subdomain.domain.tech/privkey.pem;

   ssl_session_timeout  5m;
   ssl_protocols  SSLv2 SSLv3 TLSv1;
   ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
   ssl_prefer_server_ciphers   on;

   access_log /var/log/nginx/access.log postdata;

   location / {
       proxy_set_header   X-Forwarded-For $remote_addr;
       proxy_set_header   Host $http_host;
       proxy_pass         "http://127.0.0.1:1337";
       proxy_http_version 1.1;
       proxy_set_header Upgrade $http_upgrade;
       proxy_set_header Connection 'upgrade';
       proxy_cache_bypass $http_upgrade;
   }
}

如果我輸入 http url,我還嘗試刪除 http 部分並重定向到 https:

server {
  listen 80;
  listen [::]:80;
  server_name subdomain.domain.tech;
  return 301 https://subdomain.domain.tech$request_uri;
}

我還驗證了證書在那裡。但這很明顯,因為我沒有收到來自 nginx 的任何錯誤。

知道為什麼它不起作用嗎?謝謝

顯然是一件愚蠢的事情。當我使用 Amazon AWS EC2 時,我忘記在 Amazon 防火牆中打開埠。允許埠 443 上的流量後一切正常;)

引用自:https://serverfault.com/questions/915763