nginx 错误“上行超时(110:未知错误)当尝试反向代理时,SSL握手到上游

ruyhziif  于 2023-04-05  发布在  Nginx
关注(0)|答案(1)|浏览(291)

我想从Web Socket API获取信息,这需要发送一个api-key作为查询字符串,所以我想使用nginx作为反向代理来获取请求,然后添加api-key。之后将此请求发送到目标URL(我不希望我的用户能够检查浏览器并找到该键!!!)
下面是我的Nuxtjs应用程序发送的请求:
http://my-site.com/ws/signalr/negotiate?clientProtocol=2.1
下面是/etc/nginx/sites-available/ www.example.com中的nginx配置my-site.com:

server {
    listen          80;             # the port nginx is listening on
    server_name     my-site.com;    # setup your domain here

    gzip            on;
    gzip_types      text/plain application/xml text/css application/javascript;
    gzip_min_length 1000;

    charset utf-8;

    root /var/www/mysite;

    location ~* \.(?:ico|gif|jpe?g|png|woff2?|eot|otf|ttf|svg|js|css)$ {
        expires $expires;
        add_header Pragma public;
        add_header Cache-Control "public";

        try_files $uri $uri/ @proxy;
    }

    location / {
        expires $expires;
        #add_header Content-Security-Policy "default-src 'self' 'unsafe-inline' https: data:; base-uri 'self';";
        add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
        add_header X-Frame-Options "SAMEORIGIN";

        try_files $uri $uri/index.html @proxy; # for generate.subFolders: true
        # try_files $uri $uri.html @proxy; # for generate.subFolders: false
    }

    location /ws/ {
        proxy_pass https://external-api.net:7890/;
        set $args $args&apiKey=MYAPIKEY;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host external-api.net;
    }
}

但是这在error.log中给了我一个错误:
上行超时(110:未知错误)与上游进行SSL握手时,客户端:x.x.x.x,服务器:my-site.com,request:“GET /ws/signalr/negotiate?clientProtocol=2.1 HTTP/1.1”,upstream:“https://y.y.y. y:7890/signalr/negotiate?clientProtocol = 2.1&apiKey = MYAPIKEY”,host:“my-site.com”
我该怎么做呢?
仅供参考:我不使用Docker,Containers或负载均衡器。所以我没有在我的nginx配置中放置upstream。将proxy_read_timeout 3600;添加到我的位置块不起作用。

ogq8wdun

ogq8wdun1#

我已经找到了解决方案。在我的情况下,问题是SSL。我已经将下面的行添加到我的NGINX位置块配置中,我在前面的主要问题中解释过:

proxy_ssl_name $host;
proxy_ssl_server_name on;
proxy_ssl_session_reuse off;

然后重新加载NGINX:

systemctl reload nginx

相关问题