One*_*rld 1 nginx amazon-ec2 aws-api-gateway
我有一个用例,我必须从EC2上托管的nginx调用AWS API Gateway.由于API网关默认使用SSL,我试图使用SSL设置nginx上游,但无法成功配置它.
我收到以下错误:
SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream, client: yy.yy.yy.yy, server: api-gateway.cloud, request: "GET /devint/echo HTTP/1.1", upstream: "https://zz.zz.zz.zz:443/devint/echo", host: "xx.xx.xx.xx:8000"
我应该如何解决它.
我也在走这个兔子洞.CloudFront在接受请求之前需要发送一些额外的标头.
这似乎符合AWS的预期:
set $upstream_endpoint ROOT_API_GATEWAY_FQDN;
resolver DNS_RESOLVER_IP;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-NginX-Proxy true;
proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
proxy_ssl_server_name on;
proxy_pass https://$upstream_endpoint;
proxy_buffering off;
解决您的特定问题的部分是设置proxy_ssl_protocols TLSv1 TLSv1.1 TLSv1.2和proxy_ssl_server_name on.
| 归档时间: |
|
| 查看次数: |
799 次 |
| 最近记录: |