Nginx 代理 https,协议未转发

Nginx 代理 https,协议未转发

我在用着nginx恩格罗克(用于备份)架构如下:

internet <---> ngrok <---> nginx <---> my app
   ^                         ^
   +-------------------------+

问题是,当使用 https 向 ngrok 请求时,https原型未转发:

http.Header{
    "Connection":        {"close"},
    "Cache-Control":     {"max-age=0"},
    "Accept":            {"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"},
    "Accept-Encoding":   {"gzip, deflate, sdch"},
    "Cookie":            {"SK=YI4oj_BbbmGGK6WqgS8VZT63EiiZDJop3T4k7Lsyz2JX173c8"},
    "X-Forwarded-Proto": {"http"},
    "Http-Client-Ip":    {"127.0.0.1"},
    "User-Agent":        {"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.125 Safari/537.36"},
    "Accept-Language":   {"en-US,en;q=0.8,id;q=0.6"},
    "X-Forwarded-For":   {"127.0.0.1"},
    "X-Forwarded":       {"127.0.0.1"},
    "X-Real-Ip":         {"118.97.79.125"},
}

直接访问时https显示:

http.Header{
    "Connection":        {"close"},
    "Accept":            {"text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8"},
    "Accept-Encoding":   {"gzip, deflate, sdch"},
    "Cookie":            {"PHPSESSID=vjouh02c-fzytF59w5RPPFE98Xie6yFGe3MKFsc2MTTdMSJC6PRbik-dBolT6YU0ndycBV769CHhJXJipb1"},
    "X-Forwarded-Proto": {"https"},
    "Http-Client-Ip":    {"172.16.10.2"},
    "Accept-Language":   {"en-US,en;q=0.8,id;q=0.6"},
    "X-Forwarded-For":   {"172.16.10.2"},
    "X-Real-Ip":         {"172.16.10.2"},
    "User-Agent":        {"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.125 Safari/537.36"},
}

我的 nginx 配置:

    server {
            listen 443;
            server_name "" _;
            root /home/web/public;
            error_log /home/web/error.log;
            error_page 500 502 503 504 /502.html;
            location / {
                    try_files $uri/index.html $uri @xxx;
            }
            location @xxx {
                    proxy_read_timeout 300;
                    proxy_connect_timeout 300;
                    proxy_redirect     off;
                    proxy_set_header   x-forwarded-for   $proxy_add_x_forwarded_for;
                    proxy_set_header   x-forwarded-proto $scheme;
                    proxy_set_header   host              $http_host;
                    proxy_set_header   x-forwarded       $remote_addr;
                    proxy_pass http://xxx;
            }
            ssl on;
            ssl_certificate /home/web/.ssh/xxx.crt;
            ssl_certificate_key /home/web/.ssh/xxx.key;
    }        
    upstream xxx {
      server 127.0.0.1:12345;
    }

相关内容