openresty 新建网站,用域名:端口号的方式访问。
在设置https后,配置文件中添加https端口信息
listen 789 ssl http2 ;
结果访问网站显示:
500 Internal Server Error
openresty
请问是什么情况?
防火墙和端口转发检查过没有问题。
openresty 新建网站,用域名:端口号的方式访问。
在设置https后,配置文件中添加https端口信息
listen 789 ssl http2 ;
结果访问网站显示:
500 Internal Server Error
openresty
请问是什么情况?
防火墙和端口转发检查过没有问题。
先检查下配置文件:nginx -t 看看有没有配置上的问题
如果代理的后端服务,再检查下后端服务的状态
nginx -t 检查没有问题,容器也都显示运转正常
看openresty的站点日志报错
站点内的error.log显示:
2024/05/31 01:53:10 [warn] 6#6: no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder: r3.o.lencr.org, certificate: "/www/sites/abc.com/ssl/fullchain.pem"
2024/05/31 02:19:17 [error] 6#6: *39728 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: abc.com, server: 0.0.0.0:1234
2024/05/31 02:19:17 [error] 6#6: *39729 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:17 [error] 6#6: *39730 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:17 [error] 6#6: *39731 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:18 [error] 6#6: *39734 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:18 [error] 6#6: *39735 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:18 [error] 6#6: *39736 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:18 [error] 6#6: *39737 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:27 [error] 6#6: *39750 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:27 [error] 6#6: *39751 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:27 [error] 6#6: *39752 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:27 [error] 6#6: *39753 cannot load certificate "data:": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: 192.168.1.7, server: 0.0.0.0:1234
2024/05/31 02:19:35 [warn] 6#6: no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder: r3.o.lencr.org, certificate: "/www/sites/xyz.com/ssl/fullchain.pem"
2024/05/31 02:24:51 [error] 6#6: *40084 lua entry thread aborted: runtime error: ./waf.lua:51: bad argument #1 to 'ipairs' (table expected, got userdata)
stack traceback:
coroutine 0:
[C]: in function 'ipairs'
./waf.lua:51: in function 'get_website_key'
./waf.lua:72: in function 'init'
./waf.lua:171: in main chunk, client: 192.168.1.7, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.1.10:54321", referrer: "http://192.168.1.10:54321/"
2024/05/31 02:25:04 [error] 6#6: *40083 lua entry thread aborted: runtime error: ./waf.lua:51: bad argument #1 to 'ipairs' (table expected, got userdata)
stack traceback:
coroutine 0:
[C]: in function 'ipairs'
./waf.lua:51: in function 'get_website_key'
./waf.lua:72: in function 'init'
./waf.lua:171: in main chunk, client: 192.168.1.7, server: _, request: "GET /favicon.ico HTTP/1.1", host: "192.168.1.10:54321", referrer: "http://192.168.1.10:54321/"
其中访问机ip192.168.1.7
1panel 主机ip 192.168.1.10
端口1234是OpenResty的https端口
端口54321是OpenResty的http端口
abc.com是一个静态网站
xyz.com是一个反向代理
现在他们都显示 500 Internal Server Error
解析这些OpenResty日志信息,以下是每条日志的详细说明和可能的原因分析:
2024/05/31 01:53:10 [warn] 6#6: no resolver defined to resolve r3.o.lencr.org while requesting certificate status, responder: r3.o.lencr.org, certificate: “/www/sites/abc.com/ssl/fullchain.pem”
r3.o.lencr.org
。resolver 8.8.8.8;
。*2024/05/31 02:19:17 [error] 6#6: 39728 cannot load certificate “data:”: PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) while SSL handshaking, client: abc.com, server: 0.0.0.0:1234
*2024/05/31 02:24:51 [error] 6#6: 40084 lua entry thread aborted: runtime error: ./waf.lua:51: bad argument #1 to ‘ipairs’ (table expected, got userdata)
ipairs
函数期望接收到一个表,但实际得到的是userdata
。get_website_key
函数在调用ipairs
时传递了错误的数据类型。需要检查并确保传递给ipairs
的参数是一个表。DNS解析器配置问题:
resolver 8.8.8.8 valid=300s;
证书加载问题:
Lua脚本错误:
ipairs
的参数是一个表类型,修改waf.lua
脚本,添加类型检查和错误处理,例如:function get_website_key(data)
if type(data) ~= "table" then
ngx.log(ngx.ERR, "Expected table but got " .. type(data))
return nil
end
for _, v in ipairs(data) do
-- your logic here
end
end
通过以上调整,可以解决大部分日志中的警告和错误信息,确保OpenResty运行稳定。
我修改配置文件,只留了
listen 789 ssl http2 ;
也就是我删除了OpenResty的默认端口,另外,我并没有使用默认的80 和443 ,自己改的别端口。这会导致这个问题吗?