我在他面前做了一个基于Tomcat和Nginx的Web项目。
必须努力工作才能使其无错误地运行。
但是,当我将 ssl 添加到 nginx 时。停止工作的服务器发送事件。
如果我直接访问后端服务器 - 它可以工作,所以 nginx 的某个地方有问题。
有人有这样的问题吗?
这是配置的相关部分
我的 nginx.conf (我还没有使用启用站点,并且也将我的应用程序配置在这里。基本设置在conf末尾)。 /SecurConfig/api/tutorial/listen - 是事件源
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
root /data/;
server{
listen 80;
# server_name ajaxdemo.in.ua;
# proxy_set_header Host ajaxdemo.in.ua;
location / {
rewrite ^(.*)$ https://ajaxdemo.in.ua$1 permanent;
}
}
server {
#listen 80;
listen 443 default ssl;
#ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
location / {
root /data/www;
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';
if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {
set $co "jsessionid=$1";
}
#proxy_set_header Cookie "$co";
proxy_pass http://127.0.0.1:1666/SecurConfig/;
#proxy_pass http://88.81.229.142:1666/SecurConfig/;
add_before_body /header.html;
add_after_body /footer.html;
}
location /SecurConfig/api/tutorial/listen {
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';
##Server sent events set
proxy_set_header Connection '';
proxy_http_version 1.1;
chunked_transfer_encoding off;
proxy_connect_timeout 300;
proxy_send_timeout 300;
proxy_read_timeout 300;
proxy_buffering on;
proxy_buffer_size 8k;
#proxy_cache off;
##
if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {
set $co "jsessionid=$1";
}
#proxy_set_header Cookie "$co";
proxy_pass http://127.0.0.1:1666/;
#proxy_pass http://88.81.229.142:1666/;
}
location /SecurConfig/ {
root /data/www;
add_header 'Access-Control-Allow-Origin' *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET';
if ($http_cookie ~* "jsessionid=([^;]+)(?:;|$)") {
set $co "jsessionid=$1";
}
#proxy_set_header Cookie "$co";
proxy_pass http://127.0.0.1:1666/;
#proxy_pass http://88.81.229.142:1666/;
add_before_body /header.html;
add_after_body /footer.html;
}
location ~ \.css$ {
root /data/css/;
}
location /header.html {
root /data/www;
}
location /footer.html {
root /data/www;
}
location ~ \.(gif|jpg|png|jpeg)$ {
root /data/images;
}
}
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
client_max_body_size 100m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
# include /etc/nginx/sites-enabled/*;
}
nginx的错误日志中没有错误条目。
但在访问日志中也提到了对 /SecurConfig/api/tutorial/listen 的访问。代码 200 表示“一切正常”
“GET /SecurConfig/api/tutorial/listen HTTP/1.1”200 187“https://ajaxdemo.in.ua/SecurConfig/api/tutorial/map/11111111" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:34.0) Gecko/20100101 Firefox/34.0"
Tomcat 日志显示对 /Secure Config/api/tutorial/listen 的访问照常(例如,检查安全访问、接受它并发送到控制器)。
如果我在 Chrome 开发者模式下运行我的页面,我会看到此错误
GET https://ajaxdemo.in.ua/SecurConfig/api/tutorial/listen net::ERR_EMPTY_RESPONSE
UPD
Okay. While i searched info on internet, i left my page with SSE opened. And after 10 minutes, i saw, that my data appeared just as it must be. I commented all settings according to buffering
#proxy_buffering on;
#proxy_buffer_size 8k;
#proxy_cache off;
我还评论了参数
#proxy_connect_timeout 300;
#proxy_send_timeout 300;
#proxy_read_timeout 300;
所以这个参数返回了默认值(大约20秒)
我的所有数据在大约 20 秒后出现。
所以我设置了
proxy_connect_timeout 2;
proxy_send_timeout 2;
proxy_read_timeout 2;
而且数据出现得更快。但在启用 ssl 事件之前,它仍然是一整块(一次 3-4 个事件),事件一一显示。
仍然需要您的帮助和解释,我错在哪里。
UPD
Here is conhiguration from my server, when i "turn off" ssl and SSE works.
ssl is off - sse works
80 port redirecting to 443 ssl - sse not works