标签: nginx-status

当我尝试使用此配置启动 nginx 服务器时，出现错误

nginx: [emerg] no ssl_client_certificate for ssl_client_verify

我的配置看起来像

# HTTPS server
server {
    listen       4443;
    server_name  localhost;
    ssl                  on;
    ssl_certificate      /home/user/conf/ssl/server.pem;
    ssl_certificate_key  /home/user/conf/ssl/server.pem;
    ssl_protocols        TLSv1.2;

    ssl_verify_client optional;
    ssl_trusted_certificate /home/user/ssl/certs/certificate_bundle.pem;

    include conf.d/api_proxy.conf;
}

根据错误，我应该使用ssl_client_certificate指令，但根据文档，如果我不想将证书列表发送给客户端，我应该使用ssl_trusted_certificate.

http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate

有人可以帮我弄清楚我错过了什么吗？

我正在配置一个NGINX Reverse Proxy.

在浏览器上我去：
客户端网址： https : //www.hollywood.com

那么上面的网页需要做的请求是：
server url: https://server.hollywood.com/api/auth/login

这是对应的配置server.hollywood.com：

server {
    listen 443 ssl;
    server_name             server.hollywood.com;
    # add_header 'Access-Control-Allow-Origin' "https://www.hollywood.com" always;
    add_header 'Access-Control-Allow-Credentials' 'true' always;
    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
    add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
    ssl_certificate         ../ssl/lets-encrypt/hollywood.com.crt;
    ssl_certificate_key     ../ssl/lets-encrypt/hollywood.com.key;
    location /
    {
        proxy_pass http://localhost:9201;
        include "../proxy_params.conf";
    }
}

实验一：

Access-Control-Allow-Origin注释掉该行后，当我访问：
客户端网址： https : //www.hollywood.com

我在浏览器控制台上收到以下错误（在我的例子中是 Chrome）：

POST https://server.hollywood.com/api/auth/login/local 502 (Bad Gateway)
(index):1 Failed to load https://server.hollywood.com/api/auth/login/local: No 'Access-Control-Allow-Origin' header …

我写了这个/etc/nginx/conf.d/apply.conf并启动了nginx。

server {
  location = /hoge {
    return 200;
  }
}

但curl命令失败。

curl localhost:80/hoge

它说

<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.13.9</center>
</body>
</html>

日志是

open() "/usr/share/nginx/html/hoge" failed (2: No such file or directory), client: 127.0.0.1, server: localhost, request: "GET /hoge HTTP/1.1", host: "localhost"

我只想返回没有响应正文或响应正文为空白的状态代码。

我改成这个但仍然不起作用。

location /hoge {
return 200 'Wow';
add_header Content-Type text/plain;
}

也尝试过这个。

location /hoge {
return 200 'Wow';
default_type text/plain;
}