2
我使用nginx和LetsEncrypt設置了一個Node.js應用程序。Node.js Nginx LetsEncrypt Bad Gateway
我設置了它,但每次嘗試訪問它時,它都會給我一個502 Bad Gateway錯誤。
的Node.js沒有顯示任何東西,所以我想它甚至沒有訪問應用程序,檢查了Nginx的日誌和母豬這個...
2016/02/27 09:12:11 [error] 15706#0: OCSP_basic_verify() failed (SSL: error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found) while requesting certificate status, responder: ocsp.int-x1.letsencrypt.org
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET/HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET/HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET/HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET/HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
nginx的配置:
upstream app_gamepit {
server 127.0.0.1:3000;
}
# the nginx server instance
server {
listen 443 ssl;
server_name gamepit.nl;
access_log /var/log/nginx/gamepit.log;
ssl on;
gzip on;
ssl_certificate /etc/letsencrypt/live/gamepit.nl/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/gamepit.nl/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/gamepit.nl/fullchain.pem;
# pass the request to the node.js server with the correct headers
# and much more can be added, see nginx config options
location/{
proxy_pass https://app_gamepit/;
proxy_redirect off;
}
}
server {
listen 443;
server_name www.gamepit.nl;
rewrite ^/(.*) https://gamepit.nl/$1 permanent;
}
節點.js文件的應用程序(非常小的,因爲我測試...)
var fs = require('fs');
var https = require('https');
var privateKey = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/privkey.pem', 'utf8');
var certificate = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/fullchain.pem', 'utf8');
var ca = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/chain.pem', 'utf8');
var credentials = {key: privateKey, cert: certificate, ca: ca};
var app = require('express')();
app.use(function(req, res, next) {
console.log('site call!', req.originalUrl);
next();
});
app.get('/', function(req, res) {
res.send('Hello World');
res.end();
});
var https = https.createServer(credentials, app);
https.listen(3000,'127.0.0.1', function() {
console.log('running!');
});
你爲什麼要在nginx和node中都放鍵? – loadaverage
因爲一些教程告訴我這樣:P 我可以檢查它是否有所作爲,請稍等。 – CreasolDev
當我刪除關於SSL的線路時,nginx給了我一個SSL協議錯誤,所以NGINX需要知道SSL證書,node.js需要它們進行加密,這是我認爲的:) – CreasolDev