论坛主页 › VPS专版 › nginx 反向代理，错误信息是这个，怎么解决

josevandeb 发表于 2023-12-27 15:45:18

nginx 反向代理，错误信息是这个，怎么解决

配置文件是下面的。server {
    listen       8011;
    server_name 127.0.0.1;
    location / {
    proxy_pass https://imagedelivery.net;
    proxy_set_header X-Forwarded-Host $host;
             proxy_set_header X-Forwarded-Server $host;
             proxy_set_headerHost$host;
            proxy_set_headerX-real-ip $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}



error.log 是下面的。

2022/02/16 19:54:53 3689#3689: *1 SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.2.36:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 upstream server temporarily disabled while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.2.36:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.3.36:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 upstream server temporarily disabled while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.3.36:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 connect() to :443 failed (101: Network is unreachable) while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 upstream server temporarily disabled while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 connect() to :443 failed (101: Network is unreachable) while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://:443/", host: "打码:8011"
2022/02/16 19:54:53 3689#3689: *1 upstream server temporarily disabled while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://:443/", host: "打码:8011"

灌水王 发表于 2023-12-27 15:46:01

感觉是没设置 ssl name

灌水王 发表于 2023-12-27 15:46:40

加一个proxy_ssl_server_name on;proxy_ssl_name $host;

灌水王 发表于 2023-12-27 15:47:09

目测是cloudflare的ssl选项得切换到flexible

yuanyuanlop 发表于 2023-12-27 15:47:50

跟上游的服务器通讯失败，估计不是这两段配置文件的问题吧。

3楼提到的 proxy_ssl_server_name on 可能在有些情况下有用，遇到过一回，楼主不妨试下。

灌水王 发表于 2023-12-27 15:48:29

设置了，错误一样

titati 发表于 2023-12-27 15:49:17

知道了，不能设置$host 要手动设置cf的那个域名。

灌水王 发表于 2023-12-27 15:50:01

proxy_set_headerHost$host;

你这么写的话，就会用 127.0.0.1 去请求 Host

所以你得改成

proxy_set_headerHostimagedelivery.net;

查看完整版本: nginx 反向代理，错误信息是这个，怎么解决