问题描述

我的 nginx 服务器实际上是通过一个简单的方式代理我的节点后端(它侦听端口 3000):

my nginx server is actually proxying my node backend (which listens on port 3000) with a simple:

location /api/ {
proxy_pass http://upstream_1;
}

upstream_1 是我在 nginx.conf 中定义的节点集群(在端口 3000).

Where upstream_1 is my node cluster defined in nginx.conf (on port 3000).

我将不得不通过 h​​ttp 连接添加 SSL，所以我有以下问题:我是否只需要配置 nginx 来启用 ssl?它会自动解密"请求并将其未加密传递给节点，节点将能够正常处理它?或者我是否需要配置 Nodejs 以支持 ssl?

I'm gonna have to add SSL over http connections, so I have the following question: do I only need to configure nginx to enable ssl? And it will automatically "uncrypt" the request and pass it uncrypted to Node which will be able to handle it normally? Or do I need to configure Nodejs to support ssl as well?

推荐答案

如果您使用 nginx 来处理 SSL，那么您的节点服务器将只使用 http.

If you're using nginx to handle SSL, then your node server will just be using http.

    upstream nodejs {
          server 127.0.0.1:4545 max_fails=0;
    }

   server {
      listen 443;
      ssl    on;
      ssl_certificate    newlocalhost.crt;
      ssl_certificate_key     newlocalhost.key;
      server_name nodejs.newlocalhost.com;

      add_header Strict-Transport-Security max-age=500;

      location / {
        proxy_pass  http://nodejs;
        proxy_redirect off;
        proxy_set_header Host $host ;
        proxy_set_header X-Real-IP $remote_addr ;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for ;
        proxy_set_header X-Forwarded-Proto https;
      }
   }

这篇关于nginx 代理传节点，SSL?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！