我有这样的配置:
upstream frontend_upstream {
# FrontEnd part based on `frontend` container with React app.
server frontend:3000;
}
server {
...
listen 80;
server_name stage.example.com;
server_tokens off;
location /.well-known/acme-challenge/ {
root /var/www/certbot;
}
location / {
# Define the location of the proxy server to send the request to
# Web it's a name of Docker container with a frontend.
proxy_pass https://frontend_upstream;
...
}
# Setup communication with API container.
location /api {
proxy_pass http://api:9002;
rewrite "^/api/(.*)$" /$1 break;
proxy_redirect off;
}
}
server {
listen 443 ssl;
server_name stage.example.com;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/stage.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/stage.example.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://frontend_upstream;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
我希望能够通过 HTTP 和 HTTPs 连接到我的应用程序,但却SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream遇到了问题。
这个配置有什么问题?有很多类似的问题,但没有一个能帮我解决。
答案1
你的上游应该正在HTTPS或HTTP为frontend_upstream?
就像你写的那样,一个HTTPS是80block,另一个HTTP是 443 block
在向 frontend_upstream 发出请求之前,请先检查它是否使用 TLSHTTPS