Nginx下https反向代理轉(zhuǎn)發(fā)無(wú)效問題

在nginx下起一個(gè)https服務(wù)器用作另一個(gè)http服務(wù)器的代理,配置文件為:

server {
        listen       4430 ssl;
        server_name  192.168.10.151 localhost;

        ssl_certificate      /usr/local/nginx/cert/cert.pem;
        ssl_certificate_key  /usr/local/nginx/cert/cert.key;

        location / {
                proxy_pass http://localhost:8019;
        }
    }


server {
                listen       8019;
                server_name  127.0.0.1 localhost;

                location / {
                     root   /usr/local/nginx/html/admin;
                     index  index.html index.htm;
                }

測(cè)試的時(shí)候,查看error日志發(fā)現(xiàn)報(bào)錯(cuò),如下:

2020/11/17 09:08:01 [error] 20010#0: *555 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.10.134, server: 192.168.10.151, request: "GET / HTTP/1.1", upstream: "http://[::1]:8019/", host: "192.168.10.151:4430"
2020/11/17 09:23:39 [notice] 20821#0: signal process started
2020/11/17 09:24:08 [error] 20822#0: *601 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.10.134, server: 192.168.10.151, request: "GET / HTTP/1.1", upstream: "http://[::1]:8019/", host: "192.168.10.151:4430"

基本上全是connect failed的信息。去網(wǎng)上搜索一番,發(fā)現(xiàn)upstream中[::1]是ipv6的地址,linux下輸入命令ip address 查看,確實(shí)本機(jī)開啟了ipv6的地址

link/ether 52:54:00:21:1e:2d brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.151/24 brd 192.168.10.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::e856:db72:3ac7:fc2b/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

所以請(qǐng)求是轉(zhuǎn)發(fā)到ipv6的http服務(wù)去了,當(dāng)然會(huì)connect failed了。所以配置文件修改為

server {
        listen       4430 ssl;
        server_name  192.168.10.151 localhost;

        ssl_certificate      /usr/local/nginx/cert/cert.pem;
        ssl_certificate_key  /usr/local/nginx/cert/cert.key;

        location / {
                proxy_pass http://127.0.0.1:8019;
        }
    }

顯示指明為ipv4地址

但是此時(shí)請(qǐng)求還是沒被轉(zhuǎn)發(fā),到error日志和access日志查看,都沒有什么消息。后來(lái)在chrome上面調(diào)試才發(fā)現(xiàn)請(qǐng)求都被chrome屏蔽了(因?yàn)榫W(wǎng)站證書不是受信任的證書,請(qǐng)求會(huì)被chrome默認(rèn)屏蔽掉)

需要到chrome設(shè)置里配置一下

設(shè)置--->隱私設(shè)置和安全性--->不安全內(nèi)容--->允許

然后刷新頁(yè)面后,就可以正常訪問網(wǎng)站了。

?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡(jiǎn)書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容