After Nginx reverse proxy configures HTTPS redirection, the protocol becomes HTTP

Mobile 2023-08-27 01:15:30 views: null

400 Bad Request: The plain HTTP request was sent to HTTPS port

1. Background introduction

Through Nginxthe proxy backend service, Nginxonly the HTTPS port is monitored, and when entering other interfaces through the interface opened for the first time, it is changed to the HTTPprotocol and cannot be opened. After changing HTTPSto , the interface after the jump can also be opened. Under normal circumstances, when we listen to two ports, this problem is solved, because we can use 301 to do a redirection. But I currently only open the HTTPSagreement.

server {
    
    
    listen 23182 ssl;
    server_name test.example.com;

    ssl_certificate /etc/nginx/ssl/example.com/example.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/example.com.key;

    access_log /var/log/nginx/example-test.access.log main;
    error_log  /var/log/nginx/example-test.err.log    warn;

    location / {
    
    
            proxy_pass http://10.10.1.21:8080;
            proxy_set_header        Host $host:$server_port;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            client_max_body_size    10m;
            client_body_buffer_size 128k;
            proxy_connect_timeout   5;
            proxy_send_timeout      10;
            proxy_read_timeout      10;
            proxy_buffer_size       4k;
            proxy_buffers           4 32k;
            proxy_busy_buffers_size 64k;
            proxy_temp_file_write_size 64k;
    }
}

2. Problem solving

proxy_redirect http:// https:// This configuration can solve the problem of httpsbecoming after redirection http. proxy_redirectThe function is relatively powerful, and its function is to modify the URL sent to the client.

server {
    
    
    listen 23182 ssl;
    server_name test.example.com;

    ssl_certificate /etc/nginx/ssl/example.com/example.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/example.com.key;

    access_log /var/log/nginx/example-test.access.log main;
    error_log  /var/log/nginx/example-test.err.log    warn;

    location / {
    
    
            proxy_pass http://10.10.1.21:8080;
            proxy_redirect          http:// https://;               # 这个配置
            proxy_set_header        Host $host:$server_port;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;      # 这个配置
            client_max_body_size    10m;
            client_body_buffer_size 128k;
            proxy_connect_timeout   5;
            proxy_send_timeout      10;
            proxy_read_timeout      10;
            proxy_buffer_size       4k;
            proxy_buffers           4 32k;
            proxy_busy_buffers_size 64k;
            proxy_temp_file_write_size 64k;
    }
}

Guess you like

Origin blog.csdn.net/qq_25854057/article/details/126751250
Recommended
Arc Browser for Windows 1.0 officially GA
A programmer born in the 1990s developed a video porting software and made over 7 million in less than a year. The ending was very punishing!
Ranking
1. Select Sort
Create a thread thread
3 press to play ball that reach 6
Programmation CUDA (4) : gestion de la mémoire
SpringBoot database connection pool Druid error
E Diudiu App redesign summary
4EVERLAND Hosting now supports SNS+IPFS
About HTTPS
[vue3+vite+ts+element-plu+sass] uses bug records in sass
Interpretation of HUAWEI CLOUD GaussDB (for Influx): Best Practice Data Modeling
Daily
More
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)

Code World

© 2018 codetd.com