使用SSL的基本Redbird反向代理在Ubuntu Server 14.04上不起作用
这工作,通过去https://sensorypanel.nettesting:
var fs = require('fs'); var http = require('http'); http.createServer(function(req, res) { res.writeHead(200, {'Content-Type': 'text/plain'}); res.end('Hello World\n'); }).listen(80, '0.0.0.0'); var https = require('https'); var options = { key: fs.readFileSync('certs/sensorypanel.net/sensorypanel_net-key.pem'), cert: fs.readFileSync('certs/sensorypanel.net/sensorypanel_net.crt'), ca: fs.readFileSync('certs/ca_bundle.crt') }; https.createServer(options, function(req, res) { res.writeHead(200, {'Content-Type': 'text/plain'}); res.end('Hello SSL World\n'); }).listen(443, '0.0.0.0'); 但是使用Redbird作为反向代理,这不起作用:
var redbird = require('redbird'), http = require('http'); var proxy = redbird({ port: 80, ssl: { port: 443, key: 'certs/sensorypanel.net/sensorypanel_net-key.pem', cert: 'certs/sensorypanel.net/sensorypanel_net.crt', ca: 'certs/ca_bundle.crt' } }); proxy.register('sensorypanel.net', 'http://localhost:4001', {ssl: true}); http.createServer(function(req, res) { console.log('Got a request!'); res.writeHead(200, {'Content-Type': 'text/plain'}); res.end('Hello World\n'); }).listen(4001, '0.0.0.0');
连接不会立即被拒绝。 它只是挂起。 我仍然可以通过http://sensorypanel.net:4001绕过代理,validation底层的HTTP服务正在工作。 防火墙已closures。
这是一个日志的例子:
{"name":"redbird","hostname":"sensorypanel.net","pid":1370,"level":30,"msg":"Listening to HTTPS requests on port 443","time":"2015-08-26T04:46:05.919Z","v":0} {"name":"redbird","hostname":"sensorypanel.net","pid":1370,"level":30,"msg":"80 'Started a Redbird reverse proxy server'","time":"2015-08-26T04:46:05.925Z","v":0} {"name":"redbird","hostname":"sensorypanel.net","pid":1370,"level":30,"from": {"protocol":"http:","slashes":true,"auth":null,"host":"sensorypanel.net","port":null,"hostname":"sensorypanel.net","hash":null,"search":null,"query":null,"pathname":"/","path":"/","href":"http://sensorypanel.net/"},"to": {"protocol":"http:","slashes":true,"auth":null,"host":"localhost:4001","port":"4001","hostname":"localhost","hash":null,"search":null,"query":null,"pathname":"/","path":"/","href":"http://localhost:4001/","sslRedirect":true,"useTargetHostHeader":false},"msg":"Registered a new route","time":"2015-08-26T04:46:05.931Z","v":0} {"name":"redbird","hostname":"sensorypanel.net","pid":1370,"level":50,"err":{"message":"socket hang up","name":"Error","stack":"Error: socket hang up\n at TLSSocket.<anonymous> (_tls_wrap.js:664:25)\n at TLSSocket.emit (events.js:107:17)\n at TCP.close (net.js:485:12)","code":"ECONNRESET"},"msg":"HTTPS Client Error","time":"2015-08-26T04:46:27.847Z","v":0} {"name":"redbird","hostname":"sensorypanel.net","pid":1370,"level":50,"err":{"message":"socket hang up","name":"Error","stack":"Error: socket hang up\n at TLSSocket.<anonymous> (_tls_wrap.js:664:25)\n at TLSSocket.emit (events.js:107:17)\n at TCP.close (net.js:485:12)","code":"ECONNRESET"},"msg":"HTTPS Client Error","time":"2015-08-26T04:46:41.931Z","v":0}
这是在这里和这里报告的红鸟的一个错误。 这是由一些node.js API中的更改引起的,它在2015年10月27日的这个提交中得到修复。如果你有同样的问题,你应该升级你的redbird到一个更新的版本。