部署 puma 生产环境下 https 协议错误

sec · April 13, 2017 · Last by dudu_zzzz replied at April 14, 2017 · 2640 hits

请问 puma 使用 https 默认为 http 协议？

production.rb 添加 config.force_ssl = true

puma.access.log

2017-04-13 17:03:48 +0800: HTTP parse error, malformed request (127.0.0.1): #<Puma::HttpParserError: Invalid HTTP format, parsing fails.>
2017-04-13 17:03:48 +0800: ENV: {"rack.version"=>[1, 3], "rack.errors"=>#<IO:/home/deploy/apps/cor/current/log/puma.access.log>, "rack.multithread"=>true, "rack.multiprocess"=>false, "rack.run_once"=>false, "SCRIPT_NAME"=>"", "QUERY_STRING"=>"", "SERVER_PROTOCOL"=>"HTTP/1.1", "SERVER_SOFTWARE"=>"puma 3.8.2 Sassy Salamander", "GATEWAY_INTERFACE"=>"CGI/1.2", "REMOTE_ADDR"=>"127.0.0.1"}

nginx.conf

upstream xx{
  server unix:///home/deploy/apps/xx/shared/tmp/sockets/puma.sock;
}

server {
    listen 443 ssl;
  server_name name
  ssl_certificate /etc/letsencrypt/live/xx/fullchain.pem;   
  ssl_certificate_key /etc/letsencrypt/live/xx/privkey.pem;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on; 

  root /home/deploy/apps/xx/current/public;
  access_log /home/deploy/apps/xx/current/log/nginx.access.log;
  error_log /home/deploy/apps/xx/current/log/nginx.error.log info;

  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  } 

  try_files $uri/index.html $uri @xx;
  location @xx{
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://xx;
  } 

  error_page 500 502 503 504 /500.html;
  client_max_body_size 10M;
  keepalive_timeout 10;
}  
}

dudu_zzzz #1 April 14, 2017

config.force_ssl = false

sec closed this topic. 19 Apr 15:02

You need to Sign in before reply, if you don't have an account, please Sign up first.