根源问题还是SSL证书的问题,CF是自签名的证书,你懂的
之前在
宝塔那些事(一):NGINX管理篇
中的
反代CloudFlare出现错误的解决方法
中有提到解决方案
在反代的配置文件里面
两个location区块都加上:
proxy_ssl_name $host; proxy_ssl_server_name on;
或者(记得换域名)
proxy_ssl_server_name on; proxy_pass https://www.qq.com;
今天实战测试了下还是有问题,需要进行如下调整【域名自己换】
proxy_ssl_name www.blueskyxn.com; proxy_ssl_server_name on;
最后参考效果:
#PROXY-START/ location ~* \.(php|jsp|cgi|asp|aspx)$ { proxy_ssl_name www.blueskyxn.com; proxy_ssl_server_name on; proxy_pass https://www.blueskyxn.com; proxy_set_header Host www.blueskyxn.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; } location ~* \.(html|jpg|jpeg|mp4|ico|gif|png|webp|svg)$ { proxy_ssl_name www.blueskyxn.com; proxy_ssl_server_name on; proxy_pass https://www.blueskyxn.com; proxy_set_header Host www.blueskyxn.com; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header REMOTE-HOST $remote_addr; add_header X-Cache $upstream_cache_status; #Set Nginx Cache proxy_ignore_headers Set-Cookie Cache-Control expires; add_header Cache-Control no-cache; expires 12h; } #PROXY-END/