在配置 express 项目中配置 https 时, 遇到了 502 错误, 日志如下:
2017/02/06 17:23:35 [error] 4831#0: *49 connect() failed (111: Connection refused) while connecting to upstream, client: 101.67.136.202, server: www.xxxx.com, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8000/", host: "xxxx.com"
node.js(模板代码修改了关于https的部分)
var app = require('../app');
var debug = require('debug')('socket:server');
var fs = require('fs');
var https = require('https');
var keyPath = 'ssl/ca.key';
var certPath = 'ssl/ca.pem';
var hskey = fs.readFileSync(keyPath);
var hscert = fs.readFileSync(certPath);
var port = normalizePort(process.env.PORT || '8000');
app.set('httpsport', port);
var server = https.createServer({
key: hskey,
cert: hscert
}, app)
var io = require('socket.io')(server)
io.sockets.on('connection', function (socket) {
socket.on('join', function () {
console.log('joined')
})
})
server.listen(port);
nginx 配置
upstream nodejs__upstream {
server 127.0.0.1:8000;
keepalive 64;
}
server {
listen 443 ssl;
ssl_certificate "/etc/nginx/cert/ca.pem";
ssl_certificate_key "/etc/nginx/cert/ca.key";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
server_name www.xxxx.com xxxx.com;
access_log /root/nginx.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header Connection "";
proxy_http_version 1.1;
proxy_pass https://nodejs__upstream;
}
}
server {
listen 80;
server_name xxxx.com;
return 301 https://$server_name$request_uri;
}
还有一个事情挺怪的,这套配置再本地是没有问题的, 但是在线上是502错误.
去 stackoverflow 上转了一圈也没有找到对症的方法, T_T
add:
netstat -nptl
运行结果:
nginx 连不上你的 nodejs 程序。你
netstat -nptl
看一下它在监听吗?那有问题的是哪里?
PS:
这是想干嘛?
PPS: nodejs 在本地,不需要再使用 HTTPS 了。加密了再给 nginx 解密没意义,只是浪费 CPU。