我尝试将Nginx服务器configuration为反向代理,以便从客户端接收的https请求也通过https转发到上游服务器。
这是我使用的configuration:
http { # enable reverse proxy proxy_redirect off; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for; upstream streaming_example_com { server WEBSERVER_IP:443; } server { listen 443 default ssl; server_name streaming.example.com; access_log /tmp/nginx_reverse_access.log; error_log /tmp/nginx_reverse_error.log; root /usr/local/nginx/html; index index.html; ssl_session_cache shared:SSL:1m; ssl_session_timeout 10m; ssl_certificate /etc/nginx/ssl/example.com.crt; ssl_certificate_key /etc/nginx/ssl/example.com.key; ssl_verify_client off; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers RC4:HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass https://streaming_example_com; } } } 无论如何,当我尝试使用反向代理访问文件时,这是我在反向代理日志中得到的错误:
2014/03/20 12:09:07 [错误] 4113079#0:* 1 SSL握手到上游客户端:192.168.1.2,SSL_do_handshake()失败(SSL:错误:1408E0F4:SSL例程:SSL3_GET_MESSAGE:意外的消息) server:streaming.example.com,请求:“GET /publishers/0/645/_teaser.jpg HTTP / 1.1”,上游:“ https://MYSERVER.COM:443/publishers/0/645/_teaser.jpg ” ,主机:“streaming.example.com”
任何想法我做错了什么?
我发现错误是什么,我需要添加proxy_ssl_session_reuse off;