SSL: estado del proxy http de Nginx 400 "400 Solicitud incorrecta"

tag-icon tag-icon tls certificate-authority openssl nginx
SSL: estado del proxy http de Nginx 400 "400 Solicitud incorrecta"

Implementé un conjunto de API Restful usando Scala. Ahora, estoy en la situación de proteger las API usandoSSL. Así que creé el certificado autofirmado usando openssl. Seguí todos los pasos de esto.enlace.

Creé el certificado y lo configuré correctamente en nginx. Estoy usando Postman para invocar las API Restful con HTTPS/HTTP.

cuando invocohttpsolicitud del cartero, obtuve la respuesta exitosa. Pero cuando invocohttpsSolicitud, no obtuve respuesta.

No se pudo obtener ninguna respuestaHubo un error al conectarse ahttps://local.dev.api/api/auth/login.

A continuación se muestra la configuración de nginx.

nginx.conf

#user  nobody;
worker_processes auto;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';

    #access_log  logs/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log debug;

    #gzip  on;

    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    server {
        listen       80;
        server_name  local.dev.api;

        location /api/auth/login {
                proxy_http_version 1.1;
                proxy_pass http://api-login;
        }
    }

    upstream api-login {
        server 10.10.1.78:8090;
    }


    # HTTPS server
    #
    server {
        listen       443;
        server_name  local.dev.api;
        ssl on;
        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
        ssl_ciphers         HIGH:!aNULL:!MD5;

        location /api/auth/login {
            proxy_http_version 1.1;
            proxy_pass http://api-login;
        }

        ssl_certificate localhost.crt;
        ssl_certificate_key localhost.key;
    }

    include servers/*;
}

error de nginx.log

Veo "estado del proxy http 400 "400 Solicitud incorrecta"" en el registro. ¿Cómo soluciono este problema? Ayúdame a solucionar esto.

2018/04/04 12:44:09 [debug] 41855#0: accept on 0.0.0.0:443, ready: 1
2018/04/04 12:44:09 [debug] 41855#0: posix_memalign: 00007FAD4A405E50:512 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 accept: 127.0.0.1:49637 fd:3
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 3: 60000:179934202
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 3: ft:-1 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http check ssl handshake
2018/04/04 12:44:09 [debug] 41855#0: *6 http recv(): 1
2018/04/04 12:44:09 [debug] 41855#0: *6 https ssl handshake: 0x16
2018/04/04 12:44:09 [debug] 41855#0: *6 tcp_nodelay
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL server name: "local.dev.api"
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL NPN advertised
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_do_handshake: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL handshake handler: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_do_handshake: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL: TLSv1.2, cipher: "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) Mac=AEAD"
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 http wait request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4A800000:1024
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4A800000
2018/04/04 12:44:09 [debug] 41855#0: *6 http wait request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4B818A00:1024
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: 897
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_read: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_get_error: 2
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4B81DA00:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 http process request line
2018/04/04 12:44:09 [debug] 41855#0: *6 http request line: "POST /api/auth/login HTTP/1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http uri: "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http args: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 http exten: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4B800000:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 http process request header line
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "cache-control: no-cache"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "User-Agent: PostmanRuntime/7.1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Accept: */*"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Host: local.dev.api"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "accept-encoding: gzip, deflate"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "content-length: 609"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header: "Connection: keep-alive"
2018/04/04 12:44:09 [debug] 41855#0: *6 http header done
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 3: 179934202
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 rewrite phase: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 test location: "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 using configuration "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http cl:609 max:1048576
2018/04/04 12:44:09 [debug] 41855#0: *6 rewrite phase: 3
2018/04/04 12:44:09 [debug] 41855#0: *6 post rewrite phase: 4
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 5
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 6
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 7
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 8
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 9
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 10
2018/04/04 12:44:09 [debug] 41855#0: *6 access phase: 11
2018/04/04 12:44:09 [debug] 41855#0: *6 post access phase: 12
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 13
2018/04/04 12:44:09 [debug] 41855#0: *6 generic phase: 14
2018/04/04 12:44:09 [debug] 41855#0: *6 http client request body preread 609
2018/04/04 12:44:09 [debug] 41855#0: *6 http request body content length filter
2018/04/04 12:44:09 [debug] 41855#0: *6 http body new buf t:1 f:0 00007FAD4B818B20, pos 00007FAD4B818B20, size: 609 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http init upstream, client timer: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 3: ft:-2 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Host"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script var: "api-login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Connection"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "close"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: "Content-Length"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script var: "609"
2018/04/04 12:44:09 [debug] 41855#0: *6 http script copy: ""
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "cache-control: no-cache"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "User-Agent: PostmanRuntime/7.1.1"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Accept: */*"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "accept-encoding: gzip, deflate"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header:
"POST /api/auth/login HTTP/1.1
Host: api-login
Connection: close
Content-Length: 609
Content-Type: application/json
cache-control: no-cache
Postman-Token: a42bed6a-7e36-4ab8-96d5-1ac51fd886c1
User-Agent: PostmanRuntime/7.1.1
Accept: */*
accept-encoding: gzip, deflate

"
2018/04/04 12:44:09 [debug] 41855#0: *6 http cleanup add: 00007FAD4B800AB0
2018/04/04 12:44:09 [debug] 41855#0: *6 get rr peer, try: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 stream socket 5
2018/04/04 12:44:09 [debug] 41855#0: *6 connect to 10.10.1.78:8090, fd:5 #7
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 5: ft:-1 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 kevent set event: 5: ft:-2 fl:0025
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream connect: -2
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4A700420:128 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 5: 60000:179934213
2018/04/04 12:44:09 [debug] 41855#0: *6 http finalize request: -4, "/api/auth/login?" a:1, c:2
2018/04/04 12:44:09 [debug] 41855#0: *6 http request count:2 blk:0
2018/04/04 12:44:09 [debug] 41855#0: *6 http run request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream check client, write event:1, "/api/auth/login"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream send request body
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer buf fl:0 s:287
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer buf fl:1 s:609
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer in: 00007FAD4B800B10
2018/04/04 12:44:09 [debug] 41855#0: *6 writev: 896 of 896
2018/04/04 12:44:09 [debug] 41855#0: *6 chain writer out: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 5: 179934213
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 5: 60000:179934214
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream dummy handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream request: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream process header
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4C001C00:4096
2018/04/04 12:44:09 [debug] 41855#0: *6 recv: eof:1, avail:461, err:0
2018/04/04 12:44:09 [debug] 41855#0: *6 recv: fd:5 461 of 4096
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy status 400 "400 Bad Request"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Origin: *"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Credentials: true"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Access-Control-Allow-Headers: auth, Authorization, Content-Type, X-Requested-With"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Server: akka-http/10.0.10"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Date: Wed, 04 Apr 2018 07:14:09 GMT"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Connection: close"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Type: application/json"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header: "Content-Length: 142"
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy header done
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4C002C00:4096 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 HTTP/1.1 400 Bad Request
Server: nginx/1.13.10
Date: Wed, 04 Apr 2018 07:14:09 GMT
Content-Type: application/json
Content-Length: 142
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: auth, Authorization, Content-Type, X-Requested-With

2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:0 f:0 s:320
2018/04/04 12:44:09 [debug] 41855#0: *6 http cacheable: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http proxy filter init s:400 h:0 c:0 l:142
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream process upstream
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe read upstream: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe preread: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe buf free s:0 t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe length: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 input buf #0
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream flush in
2018/04/04 12:44:09 [debug] 41855#0: *6 http output filter "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http postpone filter "/api/auth/login?" 00007FAD4B800B20
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:0 f:0 s:462
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: 0 "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 pipe write downstream done
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer: 5, old: 179934214, new: 179934234
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream exit: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 finalize http upstream request: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 finalize http proxy request
2018/04/04 12:44:09 [debug] 41855#0: *6 free rr peer 1 0
2018/04/04 12:44:09 [debug] 41855#0: *6 close http upstream connection: 5
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4A700420, unused: 48
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer del: 5: 179934214
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http upstream temp fd: -1
2018/04/04 12:44:09 [debug] 41855#0: *6 http output filter "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http postpone filter "/api/auth/login?" 00007FFF5E049670
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C002C20, pos 00007FAD4C002C20, size: 320 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write old buf t:1 f:0 00007FAD4C001C00, pos 00007FAD4C001D3F, size: 142 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 write new buf t:0 f:0 0000000000000000, pos 0000000000000000, size: 0 file: 0, size: 0
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter: l:1 f:0 s:462
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter limit 0
2018/04/04 12:44:09 [debug] 41855#0: *6 posix_memalign: 00007FAD4A700060:512 @16
2018/04/04 12:44:09 [debug] 41855#0: *6 malloc: 00007FAD4C003C00:16384
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL buf copy: 320
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL buf copy: 142
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL to write: 462
2018/04/04 12:44:09 [debug] 41855#0: *6 SSL_write: 462
2018/04/04 12:44:09 [debug] 41855#0: *6 http write filter 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 http copy filter: 0 "/api/auth/login?"
2018/04/04 12:44:09 [debug] 41855#0: *6 http finalize request: 0, "/api/auth/login?" a:1, c:1
2018/04/04 12:44:09 [debug] 41855#0: *6 set http keepalive handler
2018/04/04 12:44:09 [debug] 41855#0: *6 http close request
2018/04/04 12:44:09 [debug] 41855#0: *6 http log handler
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C001C00
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B81DA00, unused: 8
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B800000, unused: 48
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C002C00, unused: 3248
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4B818A00
2018/04/04 12:44:09 [debug] 41855#0: *6 hc free: 0000000000000000
2018/04/04 12:44:09 [debug] 41855#0: *6 hc busy: 0000000000000000 0
2018/04/04 12:44:09 [debug] 41855#0: *6 free: 00007FAD4C003C00
2018/04/04 12:44:09 [debug] 41855#0: *6 reusable connection: 1
2018/04/04 12:44:09 [debug] 41855#0: *6 event timer add: 3: 65000:179939234
2018/04/04 12:44:09 [debug] 41855#0: *6 http empty handler

información relacionada