NGINX 反向代理到 Node 并使用 HTTPS

时间:2017-08-21 15:40:33

标签: javascript node.js express nginx

我有一台 NGINX 服务器,作为反向代理把请求转发到一个 Node 应用程序。现在我需要使用 HTTPS,但在尝试访问 HTTPS 站点时,一直收到 502 Bad Gateway 错误。

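 server {
    # Plain-HTTP virtual host: everything arriving on port 80 is proxied to the
    # Node app, so this traffic is unencrypted between the client and nginx.
    # If the site is meant to be HTTPS-only, replace the location block below
    # with a redirect to the https:// origin instead of proxying.
    listen 80;
    server_name MYSERVERDOMAIN;

    location / {
        # Upstream is the Node process on this host, reached over plain HTTP.
        proxy_pass http://localhost:3000;
        # HTTP/1.1 plus the Upgrade/Connection headers let WebSocket
        # handshakes pass through the proxy.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        # Pass the original client address and scheme to the app; without
        # these it sees every request as plain HTTP from the proxy itself.
        # $proxy_add_x_forwarded_for keeps any client-supplied X-Forwarded-For
        # value and appends the real peer address, so the app must trust only
        # the entry added by this proxy (in Express: a restrictive
        # "trust proxy" setting), never the whole header.
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}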

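server {
    # TLS-terminating virtual host: nginx speaks HTTPS to the client and
    # plain HTTP to the Node app on the loopback interface.
    # The "ssl" flag on listen enables TLS for this socket; the separate
    # "ssl on;" directive is deprecated and has been dropped here.
    listen 443 ssl;
    server_name MYSERVERDOMAIN;

    # The private key should be readable only by the account that starts nginx.
    ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996) and are no longer offered.
    # The TLSv1.3 parameter needs nginx 1.13.0+ built against OpenSSL 1.1.1+;
    # on older builds keep only TLSv1.2.
    ssl_protocols TLSv1.2 TLSv1.3;

    location / {
        # A 502 from this vhost means nginx did not get a valid HTTP response
        # from this upstream. Check the nginx error log, that the app is
        # actually listening on port 3000, and that it speaks plain HTTP there
        # (an app serving HTTPS on that port would not match an http:// upstream).
        # NOTE(review): the actual cause cannot be determined from this config alone.
        proxy_pass http://localhost:3000;
        # HTTP/1.1 plus the Upgrade/Connection headers let WebSocket
        # handshakes pass through the proxy.
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        # TLS ends at nginx, so the app only learns that the client used
        # HTTPS (for secure cookies, redirects, req.secure) from this header.
        # $proxy_add_x_forwarded_for keeps any client-supplied value and
        # appends the real peer address; the app must trust only the entry
        # added by this proxy, never the whole header.
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_cache_bypass $http_upgrade;
    }
}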

1 个答案:

答案 0 :(得分:1)

您的配置看起来是正确的,因此我不太确定问题出在哪里。不过,我的生产服务器使用下面的配置,其中额外包含静态资源(static assets)目录和自动跳转到 HTTPS 的设置——这可能也是您的生产服务器最终需要的配置。希望对您有所帮助:

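server {
        # Port 80 exists only to send clients to the HTTPS origin; nothing is
        # served or proxied over plain HTTP.
        listen 80;
        # IPv6 listener added to match the [::]:443 listener of the HTTPS
        # server, so IPv6 clients on port 80 are redirected as well.
        listen [::]:80;
        server_name example.com;
        # "return" is the form nginx recommends for an unconditional redirect;
        # $request_uri carries the original path and query string unchanged.
        # The target host is fixed rather than taken from $host, so the
        # redirect location never depends on the request's Host header.
        return 301 https://example.com$request_uri;
}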

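server {
        # HTTPS virtual host: static files are served from "root", everything
        # else is proxied to the Node app on port 3000.
        server_name example.com;

        # default_server: this block also answers TLS requests on port 443
        # whose host name matches no other server block.
        listen 443 ssl default_server;
        listen [::]:443 ssl default_server;
        # The private key should be readable only by the account that starts nginx.
        ssl_certificate /etc/ssl/certs/www.example.chained.cer;
        ssl_certificate_key /etc/ssl/private/www.example.com_ssl_private_key.key;
        # Set explicitly instead of relying on the version-dependent default,
        # which on older nginx releases still includes TLS 1.0 and 1.1.
        # The TLSv1.3 parameter needs nginx 1.13.0+ built against OpenSSL 1.1.1+;
        # on older builds keep only TLSv1.2.
        ssl_protocols TLSv1.2 TLSv1.3;
        # Since all plain-HTTP traffic is redirected here, consider adding a
        # Strict-Transport-Security response header once HTTPS is known to
        # work for every host name this certificate serves.

        # Any file that exists under this directory is returned directly by
        # nginx without reaching the app, so keep only public assets in it.
        root /var/www/example/public;

        location / {
                # Serve the file if it exists under root, otherwise hand the
                # request to the named location below.
                try_files $uri @proxy;
        }

        location @proxy {
                # Upstream is the Node process on this host, reached over plain HTTP.
                proxy_pass http://localhost:3000;
                # HTTP/1.1 plus the Upgrade/Connection headers let WebSocket
                # handshakes pass through the proxy.
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection 'upgrade';
                proxy_set_header Host $host;
                # TLS ends at nginx, so the app only learns the original scheme
                # and client address from these headers.
                # $proxy_add_x_forwarded_for keeps any client-supplied value and
                # appends the real peer address; the app must trust only the
                # entry added by this proxy, never the whole header.
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto $scheme;
                proxy_cache_bypass $http_upgrade;
        }
}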