节点js + Nginx + Amazon Linux + SSL [英] Node js + Nginx + Amazon Linux + SSL

问题描述

我有一个带ssl的AWS linux服务器上运行的node js应用程序.我想将nginx实现为相同.我用谷歌搜索，并阅读到如果我在nginx中实现ssl，那么该节点应用程序将在http上运行.因此，我按以下方式配置了nginx conf并使用普通的http服务器运行了node js应用程序:

I have a node js application running on AWS linux server with ssl. I wanted to implement nginx to the same. I googled it and read that if I implement ssl in nginx then the node application runs on http. So I configured the nginx conf as follows and ran the node js application with normal http server:

listen              443 ssl;
server_name         myserver.com;
ssl_certificate     myserver.chained.crt;
ssl_certificate_key myserver.key;
ssl_client_certificate myserver.crt;
ssl_verify_client optional;
location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header VERIFIED $ssl_client_verify;
    proxy_set_header DN $ssl_client_s_dn;
    proxy_pass http://127.0.0.1:3000;
}

现在，该应用程序既可以在http上运行，也可以在https上运行.我希望实现nginx并通过ssl和该应用程序仅在https上运行. 我的方法正确吗?我想念什么?

Now the application is running on http as well as https. I want the nginx to be implemented and through ssl and the application to run only on https. Is my approach right and what am I missing?

推荐答案

我看到您在端口3000上运行了该应用程序，您想要做的是使其仅在https上运行，是将端口3000上的所有请求阻止为服务器(使用防火墙或

I see you have the application running on port 3000, what you will want to do so that it only runs on https is to block all requests on port 3000 to the server (using a firewall or security group rules in aws), and for every request on port 80 you will want to redirect them to the https version (port 443). Something like this:

server {
    listen         80;
    server_name    my.domain.com;
    return         301 https://$server_name$request_uri;
}

我在serverfault的此答案中发现了上述规则.

这篇关于节点js + Nginx + Amazon Linux + SSL的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！