我如何才能找出 curl 导致 nginx SSL TCP 转发失败的原因?

我如何才能找出 curl 导致 nginx SSL TCP 转发失败的原因?

据我所知,TCP 转发 SSL 流量完全可行,但由于未知原因失败。我的 nginx 配置:

load_module /usr/lib/nginx/modules/ngx_stream_module.so;

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections 768;
}

stream {
  server {
    listen 80;
    proxy_pass mediapop.co:80;
  }
  server {
    listen 443;
    proxy_pass mediapop.co:443;
    ssl_preread on;
  }
}

然后在同一台服务器上运行:

$ curl -v -H "Host: mediapop.co" https://localhost
* Rebuilt URL to: https://localhost/
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 443 (#0)
* found 148 certificates in /etc/ssl/certs/ca-certificates.crt
* found 592 certificates in /etc/ssl/certs
* ALPN, offering http/1.1
* gnutls_handshake() failed: Handshake failed
* Closing connection 0
curl: (35) gnutls_handshake() failed: Handshake failed

我可以卷曲https://mediapop.co直接。同时,端口 80 转发工作正常。我使用的是最新版 nginx 1.14.0。

相关内容