这是configuration
server { listen 443; ssl on; ssl_certificate /apps/cert-chain.crt; ssl_certificate_key /apps/private.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; server_name mytest.com; location /static { alias /apps/static/; } location / { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_read_timeout 75s; proxy_connect_timeout 75s; if (!-f $request_filename) { proxy_pass http://127.0.0.1:9006; break; } } } 在启动nginx时出现以下错误
nginx: [emerg] bind() to 0.0.0.0:443 failed (13: Permission denied) nginx: [emerg] bind() to 0.0.0.0:443 failed (13: Permission denied) nginx: [emerg] bind() to 0.0.0.0:443 failed (13: Permission denied)
端口443是一个受限的端口(1024以下),只能由pipe理员绑定。
处理这个问题的最好方法是绑定到不同的端口(8443或类似的东西),然后通过类似于系统运行的iptables的方式从443转发stream量。