400 Bad Request 您正在向启用 SSL 的服务器端口 kubernetes pod 发送纯 HTTP
400 Bad Request You're speaking plain HTTP to an SSL-enabled server port kubernetes pod
我收到错误消息“400 错误请求您的浏览器发送了该服务器无法理解的请求。
原因:您正在向启用 SSL 的服务器端口发送纯 HTTP。
请改为使用 HTTPS 方案访问此 URL。"
我想要实现的是:
1.Docker 运行
Docker 使用 apache2 和 Shibboleth 的图像都 运行ning 在端口 http(8090) 和 https(8443) 上,分别带有自签名证书。 运行使用 docker 运行 在本地处理图像,效果很好。
http://localhost:8090/ ----> 工作正常
https://localhost:8443/Shibboleth.sso/Status ----> 给出证书错误,但在接受并忽略后工作正常。
(正在通过 apache2 000-default.conf ProxyPass /Shibboleth.sso/ https://localhost:8443/Shibboleth.sso/Status 访问的 Shibboleth 服务)
- Kubernetes 平台
以下是为访问同一图像而创建的部署、服务和入口。
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: test
name: demo
labels:
app: demo
spec:
#replicas: 1
selector:
matchLabels:
app: demo-pod
template:
metadata:
labels:
app: demo-pod
spec:
containers:
- image: <repository>public/demo-v1
name: demo
ports:
- containerPort: 8154
name: demo-ui
- containerPort: 8090
name: http
- containerPort: 8443
name: https
securityContext:
runAsNonRoot: true
runAsUser: 1000
resources:
limits:
cpu: 1000m
memory: 8024Mi
requests:
cpu: 500m
memory: 4096Mi
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: regcred
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
namespace: test
name: demo-svc
labels:
app: demo
spec:
selector:
app: demo-pod
ports:
- port: 8154
name: demo-ui
targetPort: 8154
protocol: TCP
- port: 8090
name: http
targetPort: 8090
protocol: TCP
- port: 8443
name: https
targetPort: 8443
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: test
name: demo-ing
labels:
app: demo
spec:
ingressClassName: internal
tls:
- hosts:
- demo.example.com
rules:
- host: demo.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8090
- path: /demo-ui
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8090
- path: /Shibboleth.sso
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8443
默认域正在为 *.example.com
使用 https
when hitting **https://demo.example.com/ --> http://<pod-IP>:8090** and working fine
but when accessing the **https://demo.example.com/Shibboleth.sso/Status --- > http://<pod-IP>:8443**
并返回“400 Bad Request Your browser sent a request that this server couldn't understand. Reason: you're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to访问此 URL,请"
我也通过入口注释和 apache2 重定向尝试了多种解决方案,但似乎没有任何帮助。
在 apache2 上进行重定向时,它没有将本地主机作为变量。
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^8443$
RewriteRule ^/Shibboleth.sso(.*) https://localhost:8443/Shibboleth.sso/ [NC,R,L]
不考虑localhost而作为dns。
还尝试在入口级别重定向,这也给出了 404 未找到错误。
请帮忙!!!
能否尝试将此注释添加到您的入口文件中?
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"
我收到错误消息“400 错误请求您的浏览器发送了该服务器无法理解的请求。 原因:您正在向启用 SSL 的服务器端口发送纯 HTTP。 请改为使用 HTTPS 方案访问此 URL。"
我想要实现的是:
1.Docker 运行 Docker 使用 apache2 和 Shibboleth 的图像都 运行ning 在端口 http(8090) 和 https(8443) 上,分别带有自签名证书。 运行使用 docker 运行 在本地处理图像,效果很好。 http://localhost:8090/ ----> 工作正常 https://localhost:8443/Shibboleth.sso/Status ----> 给出证书错误,但在接受并忽略后工作正常。 (正在通过 apache2 000-default.conf ProxyPass /Shibboleth.sso/ https://localhost:8443/Shibboleth.sso/Status 访问的 Shibboleth 服务)
- Kubernetes 平台 以下是为访问同一图像而创建的部署、服务和入口。
apiVersion: apps/v1
kind: Deployment
metadata:
namespace: test
name: demo
labels:
app: demo
spec:
#replicas: 1
selector:
matchLabels:
app: demo-pod
template:
metadata:
labels:
app: demo-pod
spec:
containers:
- image: <repository>public/demo-v1
name: demo
ports:
- containerPort: 8154
name: demo-ui
- containerPort: 8090
name: http
- containerPort: 8443
name: https
securityContext:
runAsNonRoot: true
runAsUser: 1000
resources:
limits:
cpu: 1000m
memory: 8024Mi
requests:
cpu: 500m
memory: 4096Mi
dnsPolicy: ClusterFirst
imagePullSecrets:
- name: regcred
restartPolicy: Always
---
apiVersion: v1
kind: Service
metadata:
namespace: test
name: demo-svc
labels:
app: demo
spec:
selector:
app: demo-pod
ports:
- port: 8154
name: demo-ui
targetPort: 8154
protocol: TCP
- port: 8090
name: http
targetPort: 8090
protocol: TCP
- port: 8443
name: https
targetPort: 8443
protocol: TCP
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
namespace: test
name: demo-ing
labels:
app: demo
spec:
ingressClassName: internal
tls:
- hosts:
- demo.example.com
rules:
- host: demo.example.com
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8090
- path: /demo-ui
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8090
- path: /Shibboleth.sso
pathType: Prefix
backend:
service:
name: demo-svc
port:
number: 8443
默认域正在为 *.example.com
使用 httpswhen hitting **https://demo.example.com/ --> http://<pod-IP>:8090** and working fine
but when accessing the **https://demo.example.com/Shibboleth.sso/Status --- > http://<pod-IP>:8443**
并返回“400 Bad Request Your browser sent a request that this server couldn't understand. Reason: you're speaking plain HTTP to an SSL-enabled server port. Instead use the HTTPS scheme to访问此 URL,请"
我也通过入口注释和 apache2 重定向尝试了多种解决方案,但似乎没有任何帮助。
在 apache2 上进行重定向时,它没有将本地主机作为变量。
RewriteEngine on
ReWriteCond %{SERVER_PORT} !^8443$
RewriteRule ^/Shibboleth.sso(.*) https://localhost:8443/Shibboleth.sso/ [NC,R,L]
不考虑localhost而作为dns。
还尝试在入口级别重定向,这也给出了 404 未找到错误。
请帮忙!!!
能否尝试将此注释添加到您的入口文件中?
annotations:
kubernetes.io/ingress.class: "nginx"
nginx.ingress.kubernetes.io/ssl-passthrough: "true"
nginx.ingress.kubernetes.io/secure-backends: "true"
nginx.ingress.kubernetes.io/backend-protocol: "HTTPS"