Node.js Nginx LetsEncrypt 错误网关
Node.js Nginx LetsEncrypt Bad Gateway
我正在使用 nginx 和 LetsEncrypt 设置 Node.js 应用程序。
我设置了它,但每次我尝试访问它时,它都会给我一个 502 Bad Gateway 错误。
Node.js 没有显示任何东西,所以我认为它甚至没有访问该应用程序,检查了 nginx 日志并发布了这个...
2016/02/27 09:12:11 [error] 15706#0: OCSP_basic_verify() failed (SSL: error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found) while requesting certificate status, responder: ocsp.int-x1.letsencrypt.org
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
nginx 配置:
upstream app_gamepit {
server 127.0.0.1:3000;
}
# the nginx server instance
server {
listen 443 ssl;
server_name gamepit.nl;
access_log /var/log/nginx/gamepit.log;
ssl on;
gzip on;
ssl_certificate /etc/letsencrypt/live/gamepit.nl/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/gamepit.nl/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/gamepit.nl/fullchain.pem;
# pass the request to the node.js server with the correct headers
# and much more can be added, see nginx config options
location / {
proxy_pass https://app_gamepit/;
proxy_redirect off;
}
}
server {
listen 443;
server_name www.gamepit.nl;
rewrite ^/(.*) https://gamepit.nl/ permanent;
}
Node.js 应用程序(非常小,因为我正在测试...)
var fs = require('fs');
var https = require('https');
var privateKey = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/privkey.pem', 'utf8');
var certificate = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/fullchain.pem', 'utf8');
var ca = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/chain.pem', 'utf8');
var credentials = {key: privateKey, cert: certificate, ca: ca};
var app = require('express')();
app.use(function(req, res, next) {
console.log('site call!', req.originalUrl);
next();
});
app.get('/', function(req, res) {
res.send('Hello World');
res.end();
});
var https = https.createServer(credentials, app);
https.listen(3000,'127.0.0.1', function() {
console.log('running!');
});
我发现了问题...
github
有问题
而不是
ssl_certificate /etc/letsencrypt/live/domain.com/cert.pem;
你应该使用
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
我不知道为什么,但现在可以了。
我正在使用 nginx 和 LetsEncrypt 设置 Node.js 应用程序。
我设置了它,但每次我尝试访问它时,它都会给我一个 502 Bad Gateway 错误。
Node.js 没有显示任何东西,所以我认为它甚至没有访问该应用程序,检查了 nginx 日志并发布了这个...
2016/02/27 09:12:11 [error] 15706#0: OCSP_basic_verify() failed (SSL: error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found) while requesting certificate status, responder: ocsp.int-x1.letsencrypt.org
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
2016/02/27 09:12:11 [error] 15706#0: *1 upstream prematurely closed connection while reading response header from upstream, client: 212.121.109.65, server: gamepit.nl, request: "GET / HTTP/1.1", upstream: "http://127.0.0.1:8080/", host: "gamepit.nl"
nginx 配置:
upstream app_gamepit {
server 127.0.0.1:3000;
}
# the nginx server instance
server {
listen 443 ssl;
server_name gamepit.nl;
access_log /var/log/nginx/gamepit.log;
ssl on;
gzip on;
ssl_certificate /etc/letsencrypt/live/gamepit.nl/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/gamepit.nl/privkey.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/letsencrypt/live/gamepit.nl/fullchain.pem;
# pass the request to the node.js server with the correct headers
# and much more can be added, see nginx config options
location / {
proxy_pass https://app_gamepit/;
proxy_redirect off;
}
}
server {
listen 443;
server_name www.gamepit.nl;
rewrite ^/(.*) https://gamepit.nl/ permanent;
}
Node.js 应用程序(非常小,因为我正在测试...)
var fs = require('fs');
var https = require('https');
var privateKey = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/privkey.pem', 'utf8');
var certificate = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/fullchain.pem', 'utf8');
var ca = fs.readFileSync('/etc/letsencrypt/live/gamepit.nl/chain.pem', 'utf8');
var credentials = {key: privateKey, cert: certificate, ca: ca};
var app = require('express')();
app.use(function(req, res, next) {
console.log('site call!', req.originalUrl);
next();
});
app.get('/', function(req, res) {
res.send('Hello World');
res.end();
});
var https = https.createServer(credentials, app);
https.listen(3000,'127.0.0.1', function() {
console.log('running!');
});
我发现了问题... github
有问题而不是
ssl_certificate /etc/letsencrypt/live/domain.com/cert.pem;
你应该使用
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
我不知道为什么,但现在可以了。