Golang + nginx的+ HTTPS
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Golang + nginx的+ HTTPS相关的知识,希望对你有一定的参考价值。
我有 - 作为监听器http和https转到服务器。 nginx配置为处理http + https的传入请求。证书有序。使用单独的服务器可以在https协议上对它们的查询结果完美运行。但是,当我使用代理nginx时,https没有从服务器和服务器Go获得响应
“http:来自127.0.0.1:54037的TLS握手错误:tls:第一条记录看起来不像是TLS握手
可能是什么问题呢?
客户去:
package main
import (
"net/http"
"log"
)
func HelloSSLServer(w http.ResponseWriter, req *http.Request) {
w.Header().Set("Content-Type", "text/plain")
w.Write([]byte("This is an example server.
"))
// fmt.Fprintf(w, "This is an example server.
")
// io.WriteString(w, "This is an example server.
")
}
func main() {
http.HandleFunc("/", HelloSSLServer)
go http.ListenAndServe("192.168.1.2:80", nil)
err := http.ListenAndServeTLS("localhost:9007", "/etc/letsencrypt/live/somedomain/fullchain.pem", "/etc/letsencrypt/live/somedomain/privkey.pem", nil)
if err != nil {
log.Fatal("ListenAndServe: ", err)
}
}
Nginx配置:
server {
listen 192.168.1.2:80;
server_name somedomain;
rewrite ^ https://$host$request_uri? permanent;
}
server {
listen 192.168.1.2:443 ssl;
server_name somedomain;
access_log /var/log/nginx/dom_access.log;
error_log /var/log/nginx/dom_error.log;
ssl_certificate /stuff/ssl/domain.cert;
ssl_certificate_key /stuff/ssl/private.cert;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
location /
{
proxy_pass http://localhost:9007;
# proxy_redirect http://localhost:1500 http://site1;
proxy_cookie_domain localhost somedomain;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Client-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
将https
与proxy_pass一起使用
location /
{
proxy_pass https://localhost:9007;
...
}
nginx .config文件应该是这样的
server {
listen 443 ssl http2;
listen 80;
server_name www.mojotv.cn;
ssl_certificate /home/go/src/my_go_web/ssl/**.pem;
ssl_certificate_key /home/go/src/my_go_web/ssl/**.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers AESGCM:ALL:!DH:!EXPORT:!RC4:+HIGH:!MEDIUM:!LOW:!aNULL:!eNULL;
ssl_prefer_server_ciphers on;
location /(css|js|fonts|img)/ {
access_log off;
expires 1d;
root "/home/go/src/my_go_web/static";
try_files $uri @backend;
}
location / {
try_files /_not_exists_ @backend;
}
location @backend {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:********;
}
access_log /home/wwwroot/www.mojotv.cn.log;## nginx log path
}
the golang web app with http2 ssl feature shiped with nginx
对于没有额外配置的更基本的Go服务器,我向OP收到类似的错误消息。
tls:第一条记录看起来不像是TLS握手
我的临时修复只是为了确保测试URL包含“https://”和URL中的端口号。
没用 - ipaddress
没有用 - https://ipaddress
它将用于测试,直到更高级的设置。只需发布此内容即可帮助其他人进
以上是关于Golang + nginx的+ HTTPS的主要内容,如果未能解决你的问题,请参考以下文章
(转)mac 搭建基于RTMP的本地Nginx服务器报错homebrew/nginx was deprecated. This tap is now empty as all its form(代码片
nginx: [error] open() "/var/run/nginx/nginx.pid" failed (2: No such file or directory)(代码片
由于 CORS,Nginx 反向代理后面的 Golang 应用程序不会接受 ajax 请求