GET:ERR_SSL_PROTOCOL_ERROR nginx + vue.js [英] GET: ERR_SSL_PROTOCOL_ERROR nginx + vue.js
问题描述
在Google Chrome浏览器的控制台日志中,出现以下错误:
In console log of Google Chrome I'm getting these errors :
GET https://192.168.1.7:8081/sockjs-node/info?t=1579798623564 net::ERR_SSL_PROTOCOL_ERROR
GET https://192.168.1.7/sockjs-node/info?t=1579798623562 net::ERR_CERT_COMMON_NAME_INVALID
如果在/etc/nginx/conf/default.conf(Ubuntu 18.04.03 Server Edition)中:
if in /etc/nginx/conf/default.conf ( Ubuntu 18.04.03 Server Edition):
server {
listen 443 ssl http2 default_server;
server_name example.com www.example.com
ssl_certificate /etc/ssl/certs/chained.pem;
ssl_certificate_key /etc/ssl/private/domain.key;
ssl_certificate /etc/ssl/certs/chained.pem;
ssl_certificate_key /etc/ssl/private/domain.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:50m;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security "max-age=31536000";
location / {
proxy_pass http://192.168.1.7:8081;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com www.example.com;
return 301 https://$host$request_uri;
add_header Strict-Transport-Security "max-age=31536000";
location / {
proxy_pass http://192.168.1.7:8080;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
我按如下所示设置vue.config.js:
I setup vue.config.js as follows:
module.exports = {
productionSourceMap: false,
pluginOptions: {
i18n: {
enableInSFC: true
}
},
devServer: {
host: '192.168.1.7',
hot: true,
disableHostCheck: true
}
}
并按如下所示定义webpack.config.js:
and defined webpack.config.js as follows :
var path = require('path');
var fs = require('fs');
module.exports = {
https: {
key: fs.readFileSync('/etc/ssl/private/domain.key'),
ca: fs.readFileSync('/etc/ssl/certs/chained.pem')
}
};
更新1)
在/etc/nginx/conf.d/default.conf中进行修改http-> https:
Modifying in /etc/nginx/conf.d/default.conf http -> https:
location / {
proxy_pass https://192.168.1.7:8081;
导致502 Bad Gateway:
leads to 502 Bad Gateway :
所以...我的问题现在是:如何使用TLS使Nginx服务器应答?
So... my question is now: how to make the nginx server answer with TLS?
我做错了什么?如何解决问题?
What am I doing wrongly? How to solve the problem?
推荐答案
GET https://192.168.1.7:8081/sockjs-node/info?t=1579798623564 net::ERR_SSL_PROTOCOL_ERROR
...
proxy_pass http://192.168.1.7:8081;
在nginx配置中,您以http://´. In the first line you access the same IP:port with https://which results in a protocol error. While nothing is known about the server on this IP:port it is very likely that is only http://`的身份访问192.168.1.7:8081,这将解释协议错误:尝试对未使用TLS应答的服务器进行TLS握手
In the nginx configuration you access 192.168.1.7:8081 as http://´. In the first line you access the same IP:port withhttps://which results in a protocol error. While nothing is known about the server on this IP:port it is very likely that is onlyhttp://` which would explain the protocol error: attempt to do a TLS handshake against a server which does not answer with TLS.
GET https://192.168.1.7/sockjs-node/info?t=1579798623562 net::ERR_CERT_COMMON_NAME_INVALID
对192.168.1.7:443上的证书一无所知(443是https的默认端口),但很可能该证书不包含192.168.1.7作为有效的IP SAN.但这是使用URL https://192.168.1.7/时证书验证的期望值.
Nothing is known about the certificate on 192.168.1.7:443 (443 is default port for https) but very likely this certificate does not contain 192.168.1.7 as valid IP SAN. But this is the expected value for certificate verication when using the URL https://192.168.1.7/.
这篇关于GET:ERR_SSL_PROTOCOL_ERROR nginx + vue.js的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
