前言:
在已经申请了证书的情况下,通过一般方法反向代理jumpserver 的 443端口,发现无法访问jumpserver的websocket服务的问题。经过一系列的排查最后发现nginx的配置文件应该按照特定的要求去配置,开放出来相对应的路由。
下面是配置Nginx反向代理SSL Jumpserver:请将以下配置添加到Nginx配置文件中(我通常是放在conf.d的目录下):
server {
listen 443 ssl;
server_name jumpserver.example.com; # 替换为您的域名
ssl_certificate /path/to/your/certificate.pem; # 替换为您的SSL证书路径
ssl_certificate_key /path/to/your/private.key; # 替换为您的SSL私钥路径
location / {
proxy_pass http://127.0.0.1:8080; # 替换为您的Jumpserver地址和端口
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
location /socket.io/ {
proxy_pass http://127.0.0.1:8080/socket.io/; #替换为您的Jumpserver地址和端口
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
保存Nginx配置文件并重新加载配置:请使用以下命令保存Nginx配置文件并重新加载配置:
sudo nginx -t # 检查配置文件语法是否正确
sudo systemctl reload nginx # 重新加载Nginx配置文件
评论区