nginx 为什么当我通过HTTP连接到Express服务器时会出现502错误?

unhi4e5o  于 2023-06-28  发布在  Nginx
关注(0)|答案(2)|浏览(178)

到我的服务器的HTTPS连接不起作用,我不知道为什么。每次我导航到我的服务器的默认路由(“/”)时,我都会得到一个“502 Bad Gateway”错误。
以下是有关我的设置的一些详细信息:

  • 我在Amazon EC2 Ubuntu示例上托管Express服务器。
  • 分配给此示例的安全组接受来自任何地方的http、https和ssh请求。
  • 我使用nginx(v1.18.0)作为反向代理。
  • 我从Zerossl获得了SSL证书。

Express应用程序:

const app = express();

app.use(express.json());

app.use(
  cors({
    origin: ["*"],
    methods: ["GET", "PUT", "POST", "DELETE"],
    allowedHeaders: ["Origin", "Content-Type", "Authorization"],
  })
);

const httpPort = 3001;
const httpsPort = 3002;

// Read the SSL/TLS certificate and private key
const privateKey = fs.readFileSync(path.join(__dirname, process.env.SSL_FOLDER_PATH!, "private.key"), "utf8");
const certificate = fs.readFileSync(path.join(__dirname, process.env.SSL_FOLDER_PATH!, "certificate.crt"), "utf8");
const credentials = { key: privateKey, cert: certificate };

// Create an HTTPS server using the credentials
const httpsServer = https.createServer(credentials, app);

app.listen(httpPort, () => {
  console.log(`HTTP gia-trainer-server listening on port ${httpPort}`);
});

httpsServer.listen(httpsPort, () => {
  console.log(`HTTPS gia-trainer-server listening on port ${httpsPort}`);
});

app.get("/", (req, res) => {
  res.send("Hello World!!");
});

我的nginx conf文件(位于/etc/nginx/conf.d):

server {
        listen 80;
        server_name 3.145.91.237;

        location / {
                proxy_pass http://localhost:3001;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        }

        #location / {
        #       return 301 https://$host$request_uri;
        #}
}

server {
        listen 443 ssl;
        server_name 3.145.91.237;

        ssl_certificate /home/ubuntu/ssl/gia-trainer/certificate.crt;
        ssl_certificate_key /home/ubuntu/ssl/gia-trainer/private.key;

location / {
                proxy_pass http://localhost:3002;
                proxy_set_header Host $host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                # Additional proxy settings if needed
                #proxy_read_timeout 300s;
                #proxy_connect_timeout 75s;
        }
}

我检查了nginx错误日志,这是我发出请求时得到的结果:

2023/06/23 20:50:49 [error] 56080#56080: *1 upstream prematurely closed connection while reading response header from upstream, client: 176.27.127.113, server: 3.145.91.237, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:3002/", host: "ec2-3-145-91-237.us-east-2.compute.amazonaws.com"

有什么想法可能导致这个错误吗?我花了整整两天的时间来解决这个问题,不停地修改配置文件。它在普通的HTTP上工作得很好:(
谢谢大家

5q4ezhmt

5q4ezhmt1#

您的Nodejs服务器正在以SSL加密的方式提供数据,但您的Nginx服务器是非SSL服务器的代理。变更

proxy_pass http://localhost:3002;

proxy_pass https://localhost:3002;
ryevplcw

ryevplcw2#

主要原因是SSL证书不匹配:如果您的上游服务器使用SSL/TLS,请验证Nginx配置中指定的SSL证书(ssl_certificate和ssl_certificate_key)与上游服务器使用的SSL证书匹配。不匹配的证书可能导致连接失败。

相关问题