嘟嘟社区

nginx 反向代理,错误信息是这个,怎么解决


配置文件是下面的。server {
    listen       8011;
    server_name 127.0.0.1;
    location / {
    proxy_pass https://imagedelivery.net;
    proxy_set_header X-Forwarded-Host $host;
             proxy_set_header X-Forwarded-Server $host;
             proxy_set_header  Host  $host;
            proxy_set_header  X-real-ip $remote_addr;
             proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

error.log 是下面的。

2022/02/16 19:54:53 [error] 3689#3689: *1 SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.2.36:443/", host: "打码:8011"
2022/02/16 19:54:53 [warn] 3689#3689: *1 upstream server temporarily disabled while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.2.36:443/", host: "打码:8011"
2022/02/16 19:54:53 [error] 3689#3689: *1 SSL_do_handshake() failed (SSL: error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure) while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.3.36:443/", host: "打码:8011"
2022/02/16 19:54:53 [warn] 3689#3689: *1 upstream server temporarily disabled while SSL handshaking to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://104.18.3.36:443/", host: "打码:8011"
2022/02/16 19:54:53 [error] 3689#3689: *1 connect() to [2606:4700::6812:224]:443 failed (101: Network is unreachable) while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://[2606:4700::6812:224]:443/", host: "打码:8011"
2022/02/16 19:54:53 [warn] 3689#3689: *1 upstream server temporarily disabled while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://[2606:4700::6812:224]:443/", host: "打码:8011"
2022/02/16 19:54:53 [error] 3689#3689: *1 connect() to [2606:4700::6812:324]:443 failed (101: Network is unreachable) while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://[2606:4700::6812:324]:443/", host: "打码:8011"
2022/02/16 19:54:53 [warn] 3689#3689: *1 upstream server temporarily disabled while connecting to upstream, client: 45.150.227.193, server: 127.0.0.1, request: "GET / HTTP/1.1", upstream: "https://[2606:4700::6812:324]:443/", host: "打码:8011"

感觉是没设置 ssl name
加一个
  1. proxy_ssl_server_name on;
  2. proxy_ssl_name $host;

复制代码

目测是cloudflare的ssl选项得切换到flexible
跟上游的服务器通讯失败,估计不是这两段配置文件的问题吧。

3楼提到的 proxy_ssl_server_name on 可能在有些情况下有用,遇到过一回,楼主不妨试下。