NodeJs + Nginx ..上游过早关闭连接,同时从上游读取响应头

时间:2017-09-30 19:41:06

标签: node.js ssl nginx lets-encrypt

我的网站在端口80(http)上运行,我正在使用nginx没有任何问题。下面是我在nginx中使用的默认文件

server {
    listen 80;
    server_name www.example.com;
    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

现在我打算使用https并下载Lets加密证书。目前我无法访问该网站。我收到了以下错误。

* [错误] 754#754: 1上游过早关闭连接,同时读取响应标头 m upstream,client:xxx.xx.xxx.xxx,server:example.com,request:“GET /favicon.ico HTTP / 2.0”,上游:“h ttp://127.0.0.1:3000 / favicon.ico“,主持人:”www.exapmple.com“,推荐人:”https://www.example.com/

以下是我来自nginx的默认文件

# HTTP — redirect all traffic to HTTPS
server {
    listen 80;
    listen [::]:80 default_server ipv6only=on;
    return 301 https://$host$request_uri;
}

server {
    listen 443 default_server ssl;
    listen [::]:443 ssl http2;
    server_name example.com www.example.com;

    # certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:50m;
    ssl_session_tickets off;


    # intermediate configuration. tweak to your needs.
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
    ssl_prefer_server_ciphers on;

    # HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
    add_header Strict-Transport-Security max-age=15768000;

    # OCSP Stapling ---
    # fetch OCSP records from URL in ssl_certificate and cache them
    ssl_stapling on;
    ssl_stapling_verify on;

    resolver 8.8.8.8;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

}

我的nodejs代码如下

var app = express();
 var port = 3000;
var server = https.createServer(app).listen(port, function() {
    console.log("Application connected on port " + port);
});

并且服务器正在端口3000上运行。

提前致谢.. J

2 个答案:

答案 0 :(得分:7)

此问题现已解决。问题出在nodejs代码上。

我将上面的代码更改为

var app = express();
 var port = 3000;
var server = app.listen(port, function() {
    console.log("Application connected on port " + port);
});

https.createserver在内部调用http.server()并创建实例。 所以通过删除它,错误得到解决。

感谢您的帮助!!

答案 1 :(得分:0)

这是因为您请求url带有空格“ h ttp://127.0.0.1:3000 / favicon.ico”,并且节点http服务器不支持url带有未编码的空格,因此您可以删除该空格或使用网络服务器代替。希望能解决您的问题

相关问题
最新问题