前端以https打开,在my_domain / api / start访问后端,但是没有返回响应,并且控制台出现错误:
GET https://my_domain.com:8082/api/start net::ERR_SSL_PROTOCOL_ERROR
这是我的 nginx.conf:
server {
listen 80;
server_name my_domain.com www.my_domain.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name my_domain.com www.my_domain.com;
root /usr/share/nginx/html;
index index.html;
ssl_certificate /etc/nginx/ssl/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/private.key;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:HIGH:!aNULL:!MD5;
# API Backend proxy
location /api/ {
proxy_pass http://backend:8082;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location / {
try_files $uri $uri/ /index.html;
}
error_page 404 /index.html;
}
我的作文:
services:
frontend:
build:
context: ./frontend
args:
NGINX_CONF: ${NGINX_CONF}
# network_mode: host
# depends_on:
# - backend
ports:
- '80:80'
- "443:443"
volumes:
- ./frontend/ssl:/etc/nginx/ssl
environment:
- ENVIRONMENT=${ENVIRONMENT}
backend:
build:
context: ./backend
args:
CONFIG: ${CONFIG}
ports:
- '8082:8082'
- '8443:8443'
volumes:
- ./frontend/ssl:/etc/nginx/ssl
environment:
- ENVIRONMENT=${ENVIRONMENT}
networks:
app-network:
driver: bridge
通过 http://my_domain:8082/api/start 进行 curl 响应正常,没有错误,我尝试了很多变体,但没有任何变化。
端口 8082 上没有 HTTPS 后端。相反,此端口上有一个简单的 HTTP 后端,可通过端口 443 上的 nginx 反向代理使用:
因此,不要使用 访问后端
https://my_domain.com:8082/api/start
,而是使用https://my_domain.com/api/start
(默认端口 443 而不是 8082),这样访问就是通过 nginx 作为反向代理(提供 HTTPS)而不是直接访问后端(不提供 HTTPS)。