时间戳

首页 > 解决方案 > 主机和 docker nginx https 设置

docker - 主机和 docker nginx https 设置

问题描述

网站使用ubuntu lnmp,并且host已经设置https成功。端口是 443。

https://[subdomain_host.mydomain]/

机器中也有 docker 容器。我想换成https。

https://[subdomain_docker.mydomain]:8080/

浏览器会显示错误信息ERR_SSL_PROTOCOL_ERROR

我如何解决它?

这是我在 docker 容器中的 nginx conf

server {
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_comp_level 2;
    gzip_types text/plain application/javascript application/x-javascript text/css application/xml text/javascript application/x-httpd-php image/jpeg image/gif image/png;
    gzip_vary off;
    gzip_disable "MSIE [1-6]\.";
    client_max_body_size 200m;

    root    /app/dist;
    index   index.html;

    location /api/ {
            rewrite         /api/(.*) /$1 break;
            proxy_pass      https://localhost:8000/;
    }

    listen              8080 ssl http2;
    server_name         [subdomain_docker.mydomain];
    ssl_certificate     /app/nginx/server.crt;
    ssl_certificate_key /app/nginx/server.key;


    #enable ssl
    ssl                       on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers      "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
}

编辑 1:在 nginx conf 中将端口 8080 更改为 443,然后运行新容器docker run -d -p 8080:443 ...,用于docker ps检查

# docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                                       NAMES
011b5e6fd12c        da8d                "/bin/bash /app/dock…"   7 seconds ago       Up 7 seconds        8000/tcp, 8080/tcp, 0.0.0.0:8080->443/tcp

使用浏览器查看https://[subdomain_docker.mydomain]

但结果显示与 相同https://[subdomain_host.mydomain],而不是https://[subdomain_docker.mydomain]

如果我打开https://[subdomain_docker.mydomain]:8080/,网页会显示这个

This site can’t provide a secure connection
[subdomain_docker.mydomain] sent an invalid response.
Try running Windows Network Diagnostics.
ERR_SSL_PROTOCOL_ERROR

如何解决?

标签: dockernginxhttps

解决方案

推荐阅读