具有SSL的nodejs应用程序的Nginx配置

时间:2016-07-18 19:34:14

标签: node.js ssl nginx

我有一个运行在

的节点应用程序
  

本地主机:8008 /服务名

此应用程序位于/opt/myfolder/test/,我还在certs文件夹,.pem文件和CA签名的.cer文件中生成了该应用程序。 我还安装了pm2来帮助我从https端点运行此服务器。

我创建了一个名为service.conf的文件,并将其符号链接到/etc/nginx/sites-enabled

这就是.conf文件的样子

    server {
        listen 443;

        server_name localhost

        root /opt/myfolder/test/public;
        index index.html index.htm;

        ssl on;
        ssl_certificate    /opt/myfolder/test/certs/server.cer
        ssl_certificate_key    /opt/myfolder/test/certs/server.pem;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
    ssl_session_cache shared:SSL:1m;


    location @app {
        log_not_found off;
        access_log off;
        proxy_pass https://127.0.0.1:8008;
        proxy_http_version 1.1;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_cache_bypass $http_upgrade;
    }

    location / {
        try_files $uri $uri/ @app;
    }

}

在我的Node.js应用程序中,我添加了以下内容:

var server = https.createServer({
      key: fs.readFileSync(path.join(__dirname, 'certs', 'server.pem')),
      cert: fs.readFileSync(path.join(__dirname, 'certs', 'server.cer'))
    }, app);


 server = app.listen(8008,'localhost', function() {
  console.log('Express server listening on port ' + server.address().port);
});

重新启动nginx:sudo service nginx restart并使用pm2启动应用:pm2 start app.js

我现在可以访问

  

本地主机:8008 /服务名

但无法访问

  

https://localhost:8008/serviceName

Secure Connection Failed

The connection to localhost:8008 was interrupted while the page was loading.

    The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
    Please contact the website owners to inform them of this problem.

我想知道我的配置是否有问题,或者应用程序是否通过nginx进行路由。 我错过了什么?

1 个答案:

答案 0 :(得分:0)

更换:

server = app.listen(8008,'localhost', function() {
  console.log('Express server listening on port ' + server.address().port);
});

使用:

server.listen(8008,'localhost', function() {
  console.log('Express server listening on port ' + server.address().port);
});

解决了这个问题。