Cloudfront自定义来源分布返回502

Cloudfront自定义来源分布返回502

本文介绍了Cloudfront自定义来源分布返回502“无法满足该请求的错误”。对于某些URL的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我们有一个具有自定义来源的Cloudfront发行版,该发行版已经运行了很长时间了,可以为我们的一个站点提供静态资产。就在今天早上,我们注意到我们的徽标显示为断开的链接。

We have a Cloudfront distribution with custom origin that has been working just fine for quite a long time, serving static assets for one of our sites. Just this morning, we noticed that our logo was displaying as a broken link.

在进一步调查中,Cloudfront返回了一个奇怪的错误消息,我从未见过。 :

Upon further investigation, Cloudfront is returning a strange error message that I've never seen before for the URL in question:

其他几个Cloudfront URL分布返回相同的错误,但是其他(同样来自相同的分布)也可以正常工作。我看不到什么模式有效,什么无效。

Several other Cloudfront URLs from this distribution return the same error, but then others (again, from the same distribution) are working just fine. I don't see a pattern to what works and what doesn't.

其他一些数据点:


  • 可以正常工作。据我所知,最近没有服务中断。

  • 我已经专门使徽标URL无效,而无效。

  • 我已经使发行版的根URL无效了。

  • The origin URLs work just fine. There's been no recent interruption in service, to my knowledge.
  • I've invalidated the logo URL specifically, to no effect.
  • I've invalidated the root URL of the distribution, to no effect.

有什么想法吗?我以前从未见过Cloudfront这样做。

Any idea what's going on here? I've never seen Cloudfront do this before.

更新:

这里来自Cloudfront的逐字HTTP响应:

Here's the verbatim HTTP response from Cloudfront:

$ http GET https://d2yu7foswg1yra.cloudfront.net/static/img/crossway_logo.png
HTTP/1.1 502 Bad Gateway
Age: 213
Connection: keep-alive
Content-Length: 472
Content-Type: text/html
Date: Wed, 18 Dec 2013 17:57:46 GMT
Server: CloudFront
Via: 1.1 f319e8962c0268d31d3828d4b9d41f98.cloudfront.net (CloudFront)
X-Amz-Cf-Id: H_HGBG3sTOqEomHzHubi8ruLbGXe2MRyVhGBn4apM0y_LjQa_9W2Jg==
X-Cache: Error from cloudfront

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The request could not be satisfied</TITLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The request could not be satisfied.</H2>
<HR noshade size="1px">
</BODY></HTML>

<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated by cloudfront (CloudFront)
</ADDRESS>
</BODY></HTML>


推荐答案

我最近遇到了类似的问题,事实证明这是由于我正在使用ssl_ciphers。

I had a similar issue recently which turned out to be due to ssl_ciphers that I was using.

来自,

CloudFront使用SSLv3或TLSv1协议将HTTPS请求转发到原始服务器以及AES128-SHA1或RC4-MD5密码。如果您的源服务器不支持AES128-SHA1或RC4-MD5密码,则CloudFront无法建立与您的源的SSL连接。

"CloudFront forwards HTTPS requests to the origin server using the SSLv3 or TLSv1 protocols and the AES128-SHA1 or RC4-MD5 ciphers. If your origin server does not support either the AES128-SHA1 or RC4-MD5 ciphers, CloudFront cannot establish an SSL connection to your origin."

我必须更改我的nginx confg,以将AES128-SHA(不推荐使用RC4:HIGH)添加到ssl_ciphers中以修复302错误。我希望这有帮助。我已经从ssl.conf中粘贴了该行

I had to change my nginx confg to add AES128-SHA ( deprecated RC4:HIGH ) to ssl_ciphers to fix the 302 error. I hope this helps. I have pasted the line from my ssl.conf

ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:RSA+3DES:AES128-SHA:!ADH:!AECDH:!MD5;

这篇关于Cloudfront自定义来源分布返回502“无法满足该请求的错误”。对于某些URL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

09-05 16:13