nginx不允许在启用SSL的情况下上载大型文件
当我将客户端\最大\主体\大小设置为0时;如果没有ssl,文件上载过程将正常工作。然而,当我切换到ssl时,它完全忽略了这个指令。这只发生在nginx上,如果我只使用sails,它通过SSL工作良好。调试日志在文章的底部 我对nginx.conf的配置如下所示:nginx不允许在启用SSL的情况下上载大型文件,ssl,nginx,proxy,upload,Ssl,Nginx,Proxy,Upload,当我将客户端\最大\主体\大小设置为0时;如果没有ssl,文件上载过程将正常工作。然而,当我切换到ssl时,它完全忽略了这个指令。这只发生在nginx上,如果我只使用sails,它通过SSL工作良好。调试日志在文章的底部 我对nginx.conf的配置如下所示: http { ## # Basic Settings ## sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_time
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
#server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
client_max_body_size 0;
server {
listen 80 default_server;
server_name mysite.co.uk;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
ssl on;
server_name mysslsite.co.uk;
client_max_body_size 0;
ssl_certificate /ssl/mycert.pem;
ssl_certificate_key /ssl/mycertkey.key;
proxy_set_header X-Forwarded-For $remote_addr;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
server_tokens off;
location / {
client_body_temp_path /tmp/;
client_max_body_size 0;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
proxy_request_buffering off;
proxy_pass https://localip:port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
我的VHost配置如下所示:
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
#server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
client_max_body_size 0;
server {
listen 80 default_server;
server_name mysite.co.uk;
return 301 https://$server_name$request_uri;
}
server {
listen 443;
ssl on;
server_name mysslsite.co.uk;
client_max_body_size 0;
ssl_certificate /ssl/mycert.pem;
ssl_certificate_key /ssl/mycertkey.key;
proxy_set_header X-Forwarded-For $remote_addr;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
server_tokens off;
location / {
client_body_temp_path /tmp/;
client_max_body_size 0;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
proxy_request_buffering off;
proxy_pass https://localip:port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
以下是它不工作时的调试日志:
2017/01/18 11:35:17 [debug] 19626#19626: *67 event timer: 18, old: 1484739321930, new: 1484739322088
2017/01/18 11:35:17 [debug] 19626#19626: *67 http empty handler
2017/01/18 11:35:17 [debug] 19626#19626: *67 http lingering close handler
2017/01/18 11:35:17 [debug] 19626#19626: *67 SSL_read: 0
2017/01/18 11:35:17 [debug] 19626#19626: *67 SSL_get_error: 5
2017/01/18 11:35:17 [debug] 19626#19626: *67 peer shutdown SSL cleanly
2017/01/18 11:35:17 [debug] 19626#19626: *67 lingering read: 0
2017/01/18 11:35:17 [debug] 19626#19626: *67 http request count:1 blk:0
2017/01/18 11:35:17 [debug] 19626#19626: *67 http close request
2017/01/18 11:35:17 [debug] 19626#19626: *67 http log handler
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE7759C630
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE77598150
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775C43F0, unused: 4
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE77539DB0, unused: 8
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775AB400, unused: 2446
2017/01/18 11:35:17 [debug] 19626#19626: *67 close http connection: 18
2017/01/18 11:35:17 [debug] 19626#19626: *67 SSL_shutdown: 1
2017/01/18 11:35:17 [debug] 19626#19626: *67 event timer del: 18: 1484739321930
2017/01/18 11:35:17 [debug] 19626#19626: *67 reusable connection: 0
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775A0A80
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775D1BE0
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775AF660, unused: 16
2017/01/18 11:35:17 [debug] 19626#19626: *67 free: 000055FE775E9CC0, unused: 400
对于我可能遗漏的内容,我们将不胜感激。您确定这是nginx的问题,而不是后端问题吗?如果我关闭nginx并使用端口443上的sail,肯定是nginx的问题。如果我关闭SSL,它也可以正常工作。似乎打开SSL会禁用客户端\u max\u body\u size 0;