我使用 GoDaddy 作为域名注册商,并<subdomain_name>
在 Digital Ocean 上创建了一个链接到我服务器 IP 地址的域名。我还使用 Let's encrypt 获取 SSL 证书,并使用 nginx 作为反向代理。以下是我正在使用的 nginx conf. 文件:
server {
listen 443 http2 ssl;
server_name <subdomain_name>;
#Logging
access_log /var/log/nginx/<subdomain_name>.access.log;
error_log /var/log/nginx/<subdomain_name>.error.log;
location /.well-known/acme-challenge/ {
root /var/www/html/test; # Temp for generating letsencrypt
default_type text/plain;
}
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
#Fix the “It appears that your reverse proxy set up is broken” error.
proxy_pass http://127.0.0.1:3001;
proxy_read_timeout 90;
proxy_redirect http://127.0.0.1:3001 http://<subdomain_name>/;
#Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
}
# SSL configuration
ssl_certificate /etc/letsencrypt/live/<subdomain_name>/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/<subdomain_name>/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = <subdomain_name>) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name <subdomain_name>;
return 404; # managed by Certbot
}
设置:
我正在运行多个应用程序,它们正在监听不同的端口,其中一些应用程序相互依赖。
例子:
http://<subdomain_name>:3001 -> being a nginx application angular frontend application
http://<subdomain_name>:3002 -> an API that provides http://<subdomain_name>:3001 with the necessary data
http://<subdomain_name>:3003 -> another service
问题:
当我运行不使用 SSL 的域时,仅使用普通的 http 类似,http://<subdomain_name>:3001, http://<subdomain_name>:3002, http://<subdomain_name>:3003
它们工作正常。但是,当我尝试在 https 中运行它时,无法访问以下内容:
https://<subdomain_name>:3002, https://<subdomain_name>:3003
浏览器说:
This website cannot provide a secure connection <subdomain_name> has sent an invalid response.
ERR_SSL_PROTOCOL_ERROR
只https://<subdomain_name>:3001
起作用,因为它被重定向了,因为这是我在 nginx.conf 文件中指示的。但是我确实收到了一个控制台错误,上面写着
POST https://<subdomain_name>:3002/graphql net::ERR_SSL_PROTOCOL_ERROR
问题是,https://<subdomain_name>:3002
由于它不是一个安全的 SSL 连接,因此无法发出发布请求,从而引发一个错误,即无法提供数据。
预期结果:
我尝试了 nginx 配置,为不同的服务添加不同的服务器块,但无法使其正常工作。
我希望以下内容也适用于 https:
http://<subdomain_name>:3001
http://<subdomain_name>:3002
http://<subdomain_name>:3003
此外,我希望通过消除此错误,服务https://<subdomain_name>:3002
能够提供数据。https://<subdomain_name>:3001
POST https://<subdomain_name>:3002/graphql net::ERR_SSL_PROTOCOL_ERROR