|
给蜜罐HFish设置反向代理的时候,网页弹出了个 Client sent an HTTP request to an HTTPS server。
必须要 IP+端口,进行访问,我设置了代理域名,那我就要 域名:端口 这样访问。这明显不符合我所想的。
所以我上搜了下发现了篇解决办法
https://www.it-swarm.cn/zh/nginx/%E4%BD%BF%E7%94%A8%E4%B8%8A%E6%B8%B8ssl%E5%B0%86nginx%E9%85%8D%E7%BD%AE%E4%B8%BA%E5%8F%8D%E5%90%91%E4%BB%A3%E7%90%86/960265630/
- 需要注意几个点
upstream设置代理地址- 记得填写 SSL 证书地址
upstream streaming_example_com
{
# 设置你需要需要代理的端口号
server 127.0.0.1:4333;
}
server
{
listen 80;
server_name example.com;
# 强制HTTPS
rewrite ^(.*)$ https://$host$1 permanent;
}
server
{
listen 443 ssl http2;
server_name hfish.zyugat.cn;
index index.html index.htm index.php default.html default.htm default.php;
ssl_certificate /etc/nginx/ssl/example.com.pem;
ssl_certificate_key /etc/nginx/ssl/example.com.key;
proxy_ssl_verify off;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache builtin:1000 shared:SSL:10m;
location / {
proxy_pass https://streaming_example_com;
}
access_log /root/use/wwwlogs/example.com.log;
}
|