我使用 Scala 实现了一组 Restful API。现在,我需要使用以下方法来保护这些 APISSL。因此,我使用 openssl 创建了自签名证书。我遵循了此中的所有步骤关联。
我已经创建了证书并在 nginx 中成功配置。我正在使用 Postman 通过 HTTPS/HTTP 调用 Restful API。
当我调用http来自 Postman 的请求,我得到了成功的响应。但是当我调用https请求,我没有得到任何回应。
未能得到任何回应连接时出错https://local.dev.api/api/auth/login。
以下是 nginx 配置。
nginx.conf
#user nobody;
worker_processes auto;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log debug;
#gzip on;
# another virtual host using mix of IP-, name-, and port-based configuration
#
server {
listen 80;
server_name local.dev.api;
location /api/auth/login {
proxy_http_version 1.1;
proxy_pass http://api-login;
}
}
upstream api-login {
server 10.10.1.78:8090;
}
# HTTPS server
#
server {
listen 443;
server_name local.dev.api;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
location /api/auth/login {
proxy_http_version 1.1;
proxy_pass http://api-login;
}
ssl_certificate localhost.crt;
ssl_certificate_key localhost.key;
}
include servers/*;
}
nginx 错误日志
我在日志中看到“http 代理状态 400“400 错误请求”。我该如何修复此问题?帮我修复它。
2018/04/04 12:44:09 [debug] 41855#0: accept on 0.0.0.0:443, ready: 1
2018/04/04 12:44:09 [debug] 41855#0: posix_memalign: 00007FAD4A405E50:512 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 accept: 127.0.0.1:49637 fd:3
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 3: 60000:179934202
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 3: ft:-1 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http check ssl handshake
2018/04/04 12:44:09 [debug] 41855#0: *6 http recv(): 1
2018/04/04 12:44:09 [debug] 41855#0: *6 https ssl handshake: 0x16
2018/04/04 12:44:09 [debug] 41855#0: *6 tcp_nodelay
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL server name: "local.dev.api"
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL NPN advertised
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_do_handshake: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL handshake handler: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_do_handshake: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL: TLSv1.2, cipher: "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD"
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 http wait request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4A800000:1024
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4A800000
2018/04/04 12:44:09 [debug] 41855#0: *6 http wait request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4B818A00:1024
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: 897
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4B81DA00:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 http process request line
2018/04/04 12:44:09 [debug] 41855#0: *6 http request line: "POST /api/auth/login HTTP/1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http uri: "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http args: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 http exten: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4B800000:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 http process request header line
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "cache-control: no-cache"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "User-Agent: PostmanRuntime/7.1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Accept: */*"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Host: local.dev.api"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "accept-encoding: gzip, deflate"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "content-length: 609"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Connection: keep-alive"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header done
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 3: 179934202
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 rewrite phase: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 test location: "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 using configuration "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http cl:609 max:1048576
2018/04/04 12:44:09 [debug] 41855#0: *6 rewrite phase: 3
2018/04/04 12:44:09 [debug] 41855#0: *6 post rewrite phase: 4
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 5
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 6
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 7
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 8
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 9
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 10
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 11
2018/04/04 12:44:09 [debug] 41855#0: *6 post access phase: 12
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 13
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 14
2018/04/04 12:44:09 [debug] 41855#0: *6 http client request body preread 609
2018/04/04 12:44:09 [debug] 41855#0: *6 http request body content length filter
2018/04/04 12:44:09 [debug] 41855#0: *6 http body new buf t:1 f:0 00007FAD4B818B20, pos 00007FAD4B818B20, size: 609 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http init upstream, client timer: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 3: ft:-2 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Host"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script var: "api-login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Connection"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "close"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Content-Length"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script var: "609"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "cache-control: no-cache"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "User-Agent: PostmanRuntime/7.1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Accept: */*"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "accept-encoding: gzip, deflate"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header:
"POST /api/auth/login HTTP/1.1
Host: api-login
Connection: close
Content-Length: 609
Content-Type: application/json
cache-control: no-cache
Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1
User-Agent: PostmanRuntime/7.1.1
Accept: */*
accept-encoding: gzip, deflate
"
2018/04/04 12:44:09 [debug] 41855#0: *6 http cleanup add: 00007FAD4B800AB0
2018/04/04 12:44:09 [debug] 41855#0: *6 get rr peer, try: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 stream socket 5
2018/04/04 12:44:09 [debug] 41855#0: *6 connect to 10.10.1.78:8090, fd:5 #7
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 5: ft:-1 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 5: ft:-2 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream connect: -2
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4A700420:128 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 5: 60000:179934213
2018/04/04 12:44:09 [debug] 41855#0: *6 http finalize request: -4, "/api/auth/login?" a:1, c:2
2018/04/04 12:44:09 [debug] 41855#0: *6 http request count:2 blk:0
2018/04/04 12:44:09 [debug] 41855#0: *6 http run request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream check client, write event:1, "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request body
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer buf fl:0 s:287
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer buf fl:1 s:609
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer in: 00007FAD4B800B10
2018/04/04 12:44:09 [debug] 41855#0: *6 writev: 896 of 896
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer out: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 5: 179934213
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 5: 60000:179934214
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream dummy handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream process header
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4C001C00:4096
2018/04/04 12:44:09 [debug] 41855#0: *6 recv: eof:1, avail:461, err:0
2018/04/04 12:44:09 [debug] 41855#0: *6 recv: fd:5 461 of 4096
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy status 400 "400 Bad Request"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Origin: *"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Credentials: true"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Headers: auth, Authorization, Content-Type, X-Requested-With"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Server: akka-http/10.0.10"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Date: Wed, 04 Apr 2018 07:14:09 GMT"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Connection: close"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Length: 142"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header done
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4C002C00:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 HTTP/1.1 400 Bad Request
Server: nginx/1.13.10
Date: Wed, 04 Apr 2018 07:14:09 GMT
Content-Type: application/json
Content-Length: 142
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: auth, Authorization, Content-Type, X-Requested-With
2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:0 f:0 s:320
2018/04/04 12:44:09 [debug] 41855#0: *6 http cacheable: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy filter init s:400 h:0 c:0 l:142
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream process upstream
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe read upstream: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe preread: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe buf free s:0 t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe length: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 input buf #0
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream flush in
2018/04/04 12:44:09 [debug] 41855#0: *6 http output filter "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http postpone filter "/api/auth/login?" 00007FAD4B800B20
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:0 f:0 s:462
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: 0 "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream done
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer: 5, old: 179934214, new: 179934234
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream exit: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 finalize http upstream request: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 finalize http proxy request
2018/04/04 12:44:09 [debug] 41855#0: *6 free rr peer 1 0
2018/04/04 12:44:09 [debug] 41855#0: *6 close http upstream connection: 5
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4A700420, unused: 48
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 5: 179934214
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream temp fd: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 http output filter "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http postpone filter "/api/auth/login?" 00007FFF5E049670
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:0 f:0 0000000000000000, pos 0000000000000000, size: 0 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:1 f:0 s:462
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter limit 0
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4A700060:512 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4C003C00:16384
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL buf copy: 320
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL buf copy: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL to write: 462
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_write: 462
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: 0 "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http finalize request: 0, "/api/auth/login?" a:1, c:1
2018/04/04 12:44:09 [debug] 41855#0: *6 set http keepalive handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http close request
2018/04/04 12:44:09 [debug] 41855#0: *6 http log handler
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C001C00
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B81DA00, unused: 8
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B800000, unused: 48
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C002C00, unused: 3248
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B818A00
2018/04/04 12:44:09 [debug] 41855#0: *6 hc free: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 hc busy: 0000000000000000 0
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C003C00
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 3: 65000:179939234
2018/04/04 12:44:09 [debug] 41855#0: *6 http empty handler