我想设置一个反向代理,将我的内部用户向myserver:443/mybucket发出的请求重定向到https://s3.us-east-1.amazonaws.com:443/mybucket。Nginx服务器在Amazon Linux 2023上。我还有另外两个桶需要重定向。
我已经配置了下面的nginx.conf文件:
server {
server_name myserver;
listen 443;
rewrite ^/(.*)$ https://s3.us-east-1.amazonaws.com/$1 permanent;
location / {
allow 10.0.0.0/8;
deny all;
}
}
当我想使用curl测试重定向是否有效时,我遇到了以下错误:
# curl -k -I https://myserver/mybucket
curl: (35) OpenSSL/3.0.8: error:0A00010B:SSL routines::wrong version number
如果我使用http而不是https:
# curl -I http://myserver/mybucket
HTTP/1.1 301 Moved Permanently
Server: nginx/1.24.0
Date: Wed, 16 Aug 2023 15:01:51 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://s3.us-east-1.amazonaws.com/mybucket
我想我可能需要为我的服务器创建一个SSL证书,我的用户将使用。出于测试目的,我在Nginx服务器上创建了一个自签名证书,并将其添加到配置中:
server {
server_name myserver;
ssl_certificate /usr/cert/certificate.crt;
ssl_certificate_key /usr/cert/private.key;
listen 443;
rewrite ^/(.*)$ https://s3.us-east-1.amazonaws.com/$1 permanent;
location / {
allow 10.0.0.0/8;
deny all;
}
}
然后我再次测试并添加了-vv以获取更多细节,但同样的错误:
# curl -vv -k -I https://myserver/mybucket
* Trying myserver...
* Connected to myserver port 443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL/3.0.8: error:0A00010B:SSL routines::wrong version number
* Closing connection 0
curl: (35) OpenSSL/3.0.8: error:0A00010B:SSL routines::wrong version number
我在设置中有什么遗漏吗?
1条答案
按热度按时间63lcw9qa1#
找到解决方案。
我只需要启用ssl并修改nginx.conf文件中的以下行:
到