我有问题为我的Jenkins CI服务器设置SSL。 我使用nginx后面的Jenkins作为反向代理。 我正在upstream prematurely closed connection while reading response header from upstream jenkins.error.log文件中的upstream prematurely closed connection while reading response header from upstream错误中upstream prematurely closed connection while reading response header from upstream时,获取这些upstream prematurely closed connection while reading response header from upstream 。
2014/09/30 13:01:49 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET /favicon.ico HTTP/1.1", upstream: "http://127.0.0.1:8080/favicon.ico", host: "jenkins.<SERVER URL>.com" 2014/09/30 13:01:50 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream, client: <MY IP ADDR>, server: jenkins.<SERVER URL>.com, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "jenkins.<SERVER URL>.com"
jenkins正在运转。 我可以通过https://<SERVER IP ADDR>:8080 (即使Chrome对证书抱怨)。 虽然nginx给了我一个官方url502 Bad Gateway消息。
网站可用的configuration:
upstream jenkins { server 127.0.0.1:8080 fail_timeout=0; } server { listen 80; return 301 https://$host$request_uri; } server { listen 443; #listen [::]:443 default ipv6only=on; server_name jenkins.<SERVER URL>.com <SERVER IP ADDR>; ssl on; ssl_certificate /etc/nginx/ssl/jenkins.<SERVER URL>.com.chained.crt; ssl_certificate_key /etc/nginx/ssl/<SERVER URL>.com.key; access_log /etc/nginx/logs/jenkins.access.log; error_log /etc/nginx/logs/jenkins.error.log; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_redirect http:// https://; proxy_pass http://jenkins; } }
jenkins本身就是个问题。 我们最初禁用了Jenkins的http端口,只允许https。 一旦我们再次允许http,我们只允许来自127.0.0.1的请求,并解决了我们的问题。
tl; dr:启用http端口,只允许通过127.0.0.1的请求