我在为Jenkins CI服务器设置SSL时遇到问题.我在Nginx后面使用Jenkins作为反向代理.我在jenkins.error.log文件中从上游错误中读取响应头时,正在获取这些上游过早关闭的连接.
2014/09/30 13:01:49 [error] 4875#0: *1 upstream prematurely closed connection while reading response header from upstream,client:
jenkins正在运转.我可以通过https://< SERVER IP ADDR>:8080连接(即使Chrome抱怨证书).虽然Nginx为官方网址提供了502 Bad Gateway消息.
站点可用配置:
upstream jenkins {
server 127.0.0.1:8080 fail_timeout=0;
}
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
#listen [::]:443 default ipv6only=on;
server_name jenkins.Nginx/ssl/jenkins.Nginx/ssl/Nginx/logs/jenkins.access.log;
error_log /etc/Nginx/logs/jenkins.error.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
proxy_pass http://jenkins;
}
}
最佳答案
问题出在Jenkins身上.我们最初禁用了Jenkins的http端口,只允许使用https.一旦我们再次允许http,我们只允许来自127.0.0.1的请求,这解决了我们的问题.
tl; dr:启用http端口,仅允许通过127.0.0.1的请求