我想配置Nginx,以便它终止SSL,然后通过http将请求转发到后端Tomcat服务器。当我尝试登录时,我会被重定向回应用程序,但我得到以下异常。
“HTTP状态500 - javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException:PKIX路径构建失败:sun.security.provider.certpath.SunCertPathBuilderException:无法找到请求目标的有效证书路径”< / p>
我正在使用jasig cas。
Nginx配置
#Load balancing group
upstream main_lb_group {
ip_hash;
server 127.0.0.1:8080;
server 127.0.0.1:8081;
}
#Redirecting HTTP to HTTPS requests
server {
listen 80;
return 301 https://$host$request_uri;
}
#Where users access applications, im using subdomain but it could be the main site
server {
listen 443 ssl;
server_name subdomain.abc.com;
location / {
proxy_pass http://main_lb_group;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
#Tomcat management page for server 1 has its own subdomain backend1.abc.com
server {
listen 443 ssl;
server_name backend1.abc.com;
root /opt/tomcat8b1/webapps/;
index index.jsp index.html index.htm;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 1M;
}
}
#Tomcat management page for server 2 has its own subdomain backend2.abc.com
server {
listen 443 ssl;
server_name backend2.abc.com;
root /opt/tomcat8b2/webapps/;
index index.jsp index.html index.htm;
location / {
proxy_pass http://127.0.0.1:8081/;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
send_timeout 300;
}
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 1M;
}
}
有人可以帮忙吗?
答案 0 :(得分:0)
结果是服务器名称属性链接中的cas服务器有http而不是https。将其更改为https后,它可以正常工作。