如何使用Redbird反向代理配置安全(HTTPS)域 [英] How to configure a secure (HTTPS) domain with Redbird reverse proxy
问题描述
我想知道如何使用Redbird代理正确配置安全域.基本的信息有点令人困惑,因为示例有些零散.我想应该可以自动使用letsencrypt
(在那里声称).
I’d like to know how to configure a secure domain with Redbird proxy properly. The basic info is a bit confusing because examples are slightly fragmented. I suppose it should be possible with letsencrypt
automatically (as claimed there).
我尝试过:
var proxy = require('redbird')({
port:80,
ssl: {
port: 3000,
letsencrypt: {
path: '../SSL-certs',
}
}
});
proxy.register('secure-web.net', 'http://xx.xx.xxx.xxx:8080',{
ssl: {
letsencrypt: {
email: 'my@mail.com'
}
}
});
proxy.register('insecure-web.net', 'http://xx.xxx.xx.xxx:6881');
终端抛出(当我尝试访问页面时):
Terminal throws (when I try to visit the page):
{"name":"redbird","hostname":"honza-kvm","pid":3089,"level":50,"err":{"message":"140009434470272:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:../deps/openssl/openssl/ssl/s3_srvr.c:1418:\n","name":"Error","stack":"Error: 140009434470272:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher:../deps/openssl/openssl/ssl/s3_srvr.c:1418:\n"},"msg":"HTTPS Client Error","time":"2016-11-08T13:03:37.979Z","v":0}
Firefox抛出:
Firefox throws:
Error code: SSL_ERROR_NO_CYPHER_OVERLAP
目录SSL-certs故意为空(似乎应该按照手册页显示),但也许我需要一些有关通过Redbird通常使用letsencrypt
的重要信息.
The directory SSL-certs is intentionally empty (it seems it should be according to the manual page) but maybe I need some important info about using letsencrypt
via Redbird in general.
推荐答案
此示例启用了HTTP和https到我现有的本地主机:8080.
This example enabled http and https to my existing localhost:8080.
var proxy = require('redbird')({
port: 80
xfwd: false,
letsencrypt: {
path: "certs",
port: 3000
},
ssl: {
port: 443
}
});
proxy.register("www.example.com", "http://localhost:8080", {
ssl: {
letsencrypt: {
email: "me@example.com",
production: false
}
}
});
另外,当从production:false切换到production:true时,我发现证书颁发者仍然是
Also, when switching from production:false to production:true, I found the certificate issuer was still
假LE中级X1
Fake LE Intermediate X1
我完全删除了certs目录的内容,并重新启动了代理以查找
I completely removed the contents of the certs dir, and restarted the proxy to find
让我们的加密机构X3
Let's Encrypt Authority X3
这篇关于如何使用Redbird反向代理配置安全(HTTPS)域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!