WSO2 API群集上Nginx负载平衡器上的SSL证书错误

时间:2019-02-13 10:25:08

标签: wso2

我通过Nginx Load Balancer手动配置了API集群: Drag & Drop Does Not Disable Buttons As Doesn't Fall Into Correct IF Statement https://docs.wso2.com/display/AM250/Configuring+the+Proxy+Server+and+the+Load+Balancer

我尝试对LB使用自签名证书或商业证书,但是当我在443端口上打开LB网页时,日志中存在相同的错误:

SSL_do_handshake() failed (SSL: error:14094412:SSL routines:ssl3_read_bytes:sslv3 alert bad certificate:SSL alert number 42) while SSL handshaking to upstream.

出什么问题了?

Nginx配置:

upstream server1 {
    server x.x.x.x:9443;
}
upstream server2 {
    server x.x.x.x:8243;
}
server {
    listen 80;
    server_name server1.com;
    rewrite ^/(.*) https://server1.com/$1 permanent;
}
server {
    listen 443;
    server_name server1.com;
    proxy_set_header X-Forwarded-Port 443;
    ssl on;
    ssl_certificate /etc/nginx/ssl/server1.cer;
    ssl_certificate_key /etc/nginx/ssl/server1.key;
    location / {
               proxy_set_header X-Forwarded-Host $host;
               proxy_set_header X-Forwarded-Server $host;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header Host $http_host;
               proxy_read_timeout 5m;
               proxy_send_timeout 5m;
               proxy_pass https://server1.com;
        }
}
server {
    listen 443;
    server_name server1.com;
    proxy_set_header X-Forwarded-Port 443;
    ssl on;
    ssl_certificate /etc/nginx/ssl/server1.cer;
    ssl_certificate_key /etc/nginx/ssl/server1.key;
    location / {
               proxy_set_header X-Forwarded-Host $host;
               proxy_set_header X-Forwarded-Server $host;
               proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
               proxy_set_header Host $http_host;
               proxy_read_timeout 5m;
               proxy_send_timeout 5m;
               proxy_pass https://server1.com;
}}

0 个答案:

没有答案