根源问题还是SSL证书的问题,CF是自签名的证书,你懂的
之前在
宝塔那些事(一):NGINX管理篇
中的
反代CloudFlare出现错误的解决方法
中有提到解决方案
在反代的配置文件里面
两个location区块都加上:
proxy_ssl_name $host;
proxy_ssl_server_name on;
或者(记得换域名)
proxy_ssl_server_name on;
proxy_pass https://www.qq.com;
今天实战测试了下还是有问题,需要进行如下调整【域名自己换】
proxy_ssl_name www.blueskyxn.com;
proxy_ssl_server_name on;
最后参考效果:
#PROXY-START/
location ~* \.(php|jsp|cgi|asp|aspx)$
{
proxy_ssl_name www.blueskyxn.com;
proxy_ssl_server_name on;
proxy_pass https://www.blueskyxn.com;
proxy_set_header Host www.blueskyxn.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
}
location ~* \.(html|jpg|jpeg|mp4|ico|gif|png|webp|svg)$
{
proxy_ssl_name www.blueskyxn.com;
proxy_ssl_server_name on;
proxy_pass https://www.blueskyxn.com;
proxy_set_header Host www.blueskyxn.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
add_header X-Cache $upstream_cache_status;
#Set Nginx Cache
proxy_ignore_headers Set-Cookie Cache-Control expires;
add_header Cache-Control no-cache;
expires 12h;
}
#PROXY-END/