nginx,反向代理wss,spring Boot

ipakzgxi  于 2023-11-17  发布在  Nginx
关注(0)|答案(1)|浏览(196)

尝试使用WS支持设置反向代理,但我得到403(禁止)。我很困惑为什么会发生,因为没有代理,一切都按预期工作。我的配置在这里:

  1. server {
  3.     root /var/www/html8080;
  5.     server_name game.memoux.com; # managed by Certbot
  7.     listen 443 ssl; # managed by Certbot
  8.     ssl_certificate /etc/letsencrypt/live/game.memoux.com/fullchain.pem; # managed by Certbot
  9.     ssl_certificate_key /etc/letsencrypt/live/game.memoux.com/privkey.pem; # managed by Certbot
  10.     include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  11.     ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  13.     location / {
  14.         # redirect all HTTP traffic to localhost:8080
  15.         proxy_pass http://localhost:8080;
  16.         proxy_set_header X-Real-IP $remote_addr;
  17.         proxy_set_header Host $host;
  18.         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  20.         # WebSocket support (nginx 1.4)
  21.         proxy_http_version 1.1;
  22.         proxy_set_header Upgrade $http_upgrade;
  23.         proxy_set_header Connection "upgrade";
  24.     }
  25. }

字符串
如果我尝试用https:https://game.memoux.com/ WebSocket访问它,则无法正常工作。但如果我尝试用http://game.memoux.com:8080访问它,则一切正常。这意味着,我的配置出错,而不是代理背后的应用程序出错。
nginx错误日志从05-11-2023

  1. 2023/11/05 01:46:15 [crit] 705581#705581: *2917 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 167.172.240.54, server: 0.0.0.0:443
  2. 2023/11/05 02:14:22 [error] 705581#705581: *2937 connect() failed (111: Connection refused) while connecting to upstream, client: 36.99.136.129, server: memoux.com, request: "GET / HTTP/1.1", upstream: "http://[::1]:3000/", host: "memoux.com"
  3. 2023/11/05 02:14:36 [error] 705581#705581: *2975 connect() failed (111: Connection refused) while connecting to upstream, client: 146.70.192.180, server: memoux.com, request: "GET /_next/static/chunks/framework-2c79e2a64abdb08b.js HTTP/1.1", upstream: >
  4. 2023/11/05 04:13:33 [crit] 705581#705581: *3022 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 65.49.1.17, server: 0.0.0.0:443
  5. 2023/11/05 06:51:34 [crit] 705581#705581: *3087 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 212.102.40.218, server: 0.0.0.0:443
  6. 2023/11/05 07:10:27 [crit] 705581#705581: *3110 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 68.183.200.199, server: 0.0.0.0:443
  7. 2023/11/05 07:44:42 [crit] 705581#705581: *3136 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 104.131.184.235, server: 0.0.0.0:443
  8. 2023/11/05 07:47:26 [crit] 705581#705581: *3147 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 35.216.204.22, server: 0.0.0.0:443
  9. 2023/11/05 08:25:08 [error] 705581#705581: *3177 connect() failed (111: Connection refused) while connecting to upstream, client: 3.249.231.245, server: memoux.com, request: "GET / HTTP/1.0", upstream: "http://[::1]:3000/", host: "memoux.com"
  10. 2023/11/05 11:02:06 [crit] 705581#705581: *3217 SSL_do_handshake() failed (SSL: error:0A00006C:SSL routines::bad key share) while SSL handshaking, client: 87.236.176.112, server: 0.0.0.0:443


x1c 0d1x的数据

nginx

1条答案

按热度按时间
wko9yo5t

wko9yo5t1#

您应该尝试更改您的“proxy_set_header Connection“upgrade”;“我不认为“upgrade”是Connection的正确值。
添加

  1. map $http_connection $connection_upgrade {
  2. "~*Upgrade" $http_connection;
  3. default keep-alive; 
  4. }

字符串
到服务器或http块,然后

  1. proxy_set_header   Connection $connection_upgrade;


在你的位置块。

赞(0)分享  回复(0)举报  2023-11-17
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com