nginx tomcat ssl 访问失败

wad12302 发布于 2013/02/18 15:33
阅读 2K+
收藏 0

nginx  + tomcat ssl 不加端口访问失败

https://localhost:8443/  可以正确访问

https://localhost/  没有端口8443 不能正确访问

502 Bad Gateway

nginx/1.3.1

# ----- start-----
server
	{
		listen       443;
		server_name localhost;
		ssl on;
		ssl_certificate  /cygdrive/d/ssl/test/server_test.crt;
		ssl_certificate_key  /cygdrive/d/ssl/test/server_test.key.unsecure;
		
		location /
			{
				index  index.jsp index.html index.htm;  
				proxy_pass https://127.0.0.1:8443;
			}

		access_log  /cygdrive/d/log/nginx/access_test443.log;
	}
	
server
	{
		listen       80;
		server_name localhost;
		location /
			{
				#index  index.jsp index.html index.htm;  
				#proxy_pass http://127.0.0.1:8080;
				rewrite (.*) https://$host$1 permanent;
			}

		access_log  /cygdrive/d/log/nginx/access_test80.log;
	}
	
# ----- end-----

2013/02/18 15:30:43 [error] 5104#0: *1 SSL_do_handshake() failed (SSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message) while SSL handshaking to upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8443/", host: "localhost"
2013/02/18 15:30:46 [error] 5104#0: *1 SSL_do_handshake() failed (SSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message) while SSL handshaking to upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8443/", host: "localhost"
2013/02/18 15:30:46 [error] 5104#0: *1 SSL_do_handshake() failed (SSL: error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message) while SSL handshaking to upstream, client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", upstream: "https://127.0.0.1:8443/", host: "localhost"


帮忙看看

加载中
0
小猫王
wad12302
wad12302
直接代理80端口是没问题,关键是 通过https访问时候访问tomcat的8443端口问题
0
wad12302
wad12302

我修后不强制https先测试:


# ----- start-----
server
	{
		listen       443;
		server_name localhost 127.0.0.1;
		ssl on;
		ssl_certificate  /cygdrive/d/ssl/test/server_test.crt;
		ssl_certificate_key  /cygdrive/d/ssl/test/server_test.key.unsecure;
		
		location /
			{
				index  index.jsp index.html index.htm;  
				#proxy_pass http://127.0.0.1:8080;
				#proxy_pass http://www.hao123.com;
				proxy_pass https://127.0.0.1:8443;
			}

		access_log  /cygdrive/d/log/nginx/access_test443.log;
	}
	
server
	{
		listen       80;
		server_name localhost 127.0.0.1;
		location /
			{
				index  index.jsp index.html index.htm;  
				proxy_pass http://127.0.0.1:8080;
			}

		access_log  /cygdrive/d/log/nginx/access_test80.log;
	}
	
# ----- end-----
我这样的时候 


直接:

http://127.0.0.1/  可以访问到tomcat的8080的项目

但是

https://127.0.0.1/ 不行。

如果我把 ssl下面的 配置

#proxy_pass http://127.0.0.1:8080;
#proxy_pass http://www.hao123.com;

proxy_pass https://www.hao123.com;
换成这样,可以

返回顶部
顶部