NGINX反向代理到节点HTTPS

Question

我有一个运行反向代理服务器的NGINX服务器到节点应用程序。试图访问https网站时错误网关错误

server { 
listen 80; 
    server_name MYSERVERDOMAIN; 

    location/{ 
      proxy_pass http://localhost:3000; 
     proxy_http_version 1.1; 
     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection 'upgrade'; 
     proxy_set_header Host $host; 
     proxy_cache_bypass $http_upgrade; 
    } 
} 

server { 
    listen 443 ssl; 
    server_name MYSERVERDOMAIN; 

    ssl on; 
    ssl_certificate /etc/nginx/ssl/server.crt; 
    ssl_certificate_key /etc/nginx/ssl/server.key; 
    ssl_ciphers HIGH:!aNULL:!MD5; 
    ssl_prefer_server_ciphers on; 
    ssl_session_cache shared:SSL:1m; 
    ssl_session_timeout 5m; 
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 

location/{ 
    proxy_pass http://localhost:3000; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection 'upgrade'; 
    proxy_set_header Host $host; 
    proxy_cache_bypass $http_upgrade; 
} 
} 

Answer 1

您的设置看起来是正确的，所以我不太清楚有关问题： 现在我需要得到它以https工作，但我不断收到502。但是，我正在使用下面的设置为我的生产服务器提供static assets文件夹的其他配置和https自动转发 - 这是您为production servers设置的最终设置。希望它可以帮到：

server { 
     listen 80; 
     server_name example.com; 
     rewrite ^/(.*) https://example.com/$1 permanent; 
} 

server { 
     server_name example.com; 

     listen 443 ssl default_server; 
     listen [::]:443 ssl default_server; 
     ssl_certificate /etc/ssl/certs/www.example.chained.cer; 
     ssl_certificate_key /etc/ssl/private/www.example.com_ssl_private_key.key; 

     root /var/www/example/public; 

     location/{ 
       try_files $uri @proxy; 
     } 

     location @proxy { 
       proxy_pass http://localhost:3000; 
       proxy_http_version 1.1; 
       proxy_set_header Upgrade $http_upgrade; 
       proxy_set_header Connection 'upgrade'; 
       proxy_set_header Host $host; 
       proxy_cache_bypass $http_upgrade; 
     } 
}