Openvas9的Nginx代理
我已经安装了openvas9,并且已经从一个证书商店安装了证书。然后我尝试使用nginx作为反向代理。我的openvas设置位于Openvas9的Nginx代理,nginx,openvas,Nginx,Openvas,我已经安装了openvas9,并且已经从一个证书商店安装了证书。然后我尝试使用nginx作为反向代理。我的openvas设置位于/etc/default/openvas gsa,如下所示 # Defaults for Greenbone Security Assistant initscript # sourced by /etc/init.d/openvas-gsa # installed at /etc/default/openvas-gsa by the maintainer script
/etc/default/openvas gsa
,如下所示
# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts
# To disable HTTPS:
#
#HTTP_ONLY=1
# To enable http redirection:
#
HTTP_REDIRECT=1
# To set listening address:
#
#LISTEN_ADDRESS="0.0.0.0"
# To set listening port number:
#
PORT_NUMBER=4000
我在/etc/nginx/sites enabled/openvas
中的nginx配置如下所示(服务器名称明显更改)
我只得到一个502坏网关
。我哪里做错了
server {
listen 80;
server_name vas.novarumcloud.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name vas.novarumcloud.com;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header REMOTE_HOST $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-FORWARDED-PROTOCOL $scheme;
proxy_pass https://localhost:4000;
}
}
但是,您还需要转到/etc/default/openvas gsa
并具有如下设置
# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts
# To disable HTTPS:
#
#HTTP_ONLY=1
# To enable http redirection:
#
HTTP_REDIRECT=1
# To set listening address:
#
#LISTEN_ADDRESS="0.0.0.0"
# To set listening port number:
#
PORT_NUMBER=4000
我还添加了
ALLOW\u HEADER\u HOST=openvas.mydomain.com
以避免出现如下错误:gsad main:WARNING:2018-08-23 08h33.16 utc:13346:MHD:Error:received handshake message out of context
# Defaults for Greenbone Security Assistant initscript
# sourced by /etc/init.d/openvas-gsa
# installed at /etc/default/openvas-gsa by the maintainer scripts
# To disable HTTPS:
#
#HTTP_ONLY=1
# To enable http redirection:
#
HTTP_REDIRECT=1
# To set listening address:
#
#LISTEN_ADDRESS="0.0.0.0"
# To set listening port number:
#
PORT_NUMBER=4000