【待反馈】java 部署前后端分离项目 无法使用

为了能快速了解并处理您的问题，请提供以下基础信息：

面板、插件版本： Linux面板9.3.0

系统版本：CentOS 7

问题描述：使用ssl 后后端接口就无法使用，后端项目启动用的是1001，好像是代理无法到1001

相关截图（日志、错误）：Mixed Content: The page at 'https://java24xiao.***.work/#/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://java24xiao.***.work:1001/web/menu/login'. This request has been blocked; the content must be served over HTTPS.

1. server
   
2. {
   
3.     listen 80;
   
4.     # listen 443 ssl http2 ;
   
5.     listen 1001 ssl http2 ;
   
6.     server_name java24xiao.***.work;
   
7.     index index.html index.htm default.htm default.html;
   
8.     root /www/wwwroot/java24xiaoxiaoxiao;
   
9.     #CERT-APPLY-CHECK--START
   
10.     # 用于SSL证书申请时的文件验证相关配置 -- 请勿删除
    
11.     include /www/server/panel/vhost/nginx/well-known/ad_jar.conf;
    
12.     #CERT-APPLY-CHECK--END
    
13. 
    
14.     #SSL-START SSL相关配置，请勿删除或修改下一行带注释的404规则
    
15.     #error_page 404/404.html;
    
16.     #HTTP_TO_HTTPS_START
    
17.     set $isRedcert 1;
    
18.     if ($server_port != 443) {
    
19.         set $isRedcert 2;
    
20.     }
    
21.     if ( $uri ~ /\.well-known/ ) {
    
22.         set $isRedcert 1;
    
23.     }
    
24.     if ($isRedcert != 1) {
    
25.         rewrite ^(/.*)$ https://$host$1 permanent;
    
26.     }
    
27.     #HTTP_TO_HTTPS_END
    
28.     ssl_certificate    /www/server/panel/vhost/cert/ad_jar/fullchain.pem;
    
29.     ssl_certificate_key    /www/server/panel/vhost/cert/ad_jar/privkey.pem;
    
30.     ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    
31.     ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
    
32.     ssl_prefer_server_ciphers on;
    
33.     ssl_session_tickets on;
    
34.     ssl_session_cache shared:SSL:10m;
    
35.     ssl_session_timeout 10m;
    
36.     add_header Strict-Transport-Security "max-age=31536000";
    
37.     error_page 497  https://$host$request_uri;
    
38. 
    
39.     #SSL-END
    
40. 
    
41.     #REWRITE-START 伪静态相关配置
    
42.     include /www/server/panel/vhost/rewrite/java_ad_jar.conf;
    
43.     #REWRITE-END
    
44. 
    
45.     #禁止访问的文件或目录
    
46.     location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md|package.json|package-lock.json|\.env) {
    
47.         return 404;
    
48.     }
    
49. 
    
50.     #一键申请SSL证书验证目录相关设置
    
51.     location /.well-known/ {
    
52.         root /www/wwwroot/java_node_ssl;
    
53.     }
    
54. 
    
55.     #禁止在证书验证目录放入敏感文件
    
56.     if ( $uri ~ "^/\.well-known/.*\.(php|jsp|py|js|css|lua|ts|go|zip|tar\.gz|rar|7z|sql|bak)$" ) {
    
57.         return 403;
    
58.     }
    
59. 
    
60.     #STATIC-START 静态资源相关配置
    
61.     location / {
    
62.          root /www/wwwroot/java24xiaoxiaoxiao/dist;
    
63.          index index.html;
    
64.          try_files $uri $uri/ /index.html;
    
65.     }
    
66.     #STATIC-END
    
67. 
    
68.     #PROXY-LOCAl-START 代理本地服务的相关配置
    
69.     #PROXY-STARTapis/
    
70.     location apis/ {
    
71.         proxy_pass http://127.0.0.1:1001;
    
72.         proxy_set_header Host $host;
    
73.         proxy_set_header X-Real-IP $remote_addr;
    
74.         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
75.         proxy_set_header REMOTE-HOST $remote_addr;
    
76.         add_header X-Cache $upstream_cache_status;
    
77.         proxy_set_header X-Host $host:$server_port;
    
78.         proxy_set_header X-Scheme $scheme;
    
79.         proxy_connect_timeout 30s;
    
80.         proxy_read_timeout 86400s;
    
81.         proxy_send_timeout 30s;
    
82.         proxy_http_version 1.1;
    
83.         proxy_set_header Upgrade $http_upgrade;
    
84.         proxy_set_header Connection "upgrade";
    
85.     }
    
86.     #PROXY-ENDapis/
    
87. 
    
88. 
    
89.    
    
90.     #PROXY-LOCAl-END
    
91. 
    
92.     access_log  /www/wwwlogs/ad_jar.log;
    
93.     error_log  /www/wwwlogs/ad_jar.error.log;
    
94. }

复制代码

：Mixed Content: The page at 'https://java24xiao.***.work/#/login' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://java24xiao.***.work:1001/web/menu/login'. This request has been blocked; the content must be served over HTTPS.

您的请求以 https://java24xiao 入口，但是后面请求的是 http://java24xiao
自己配置的配置文件吗？

location apis/ {
        proxy_pass http://127.0.0.1:1001;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header REMOTE-HOST $remote_addr;
        add_header X-Cache $upstream_cache_status;
        proxy_set_header X-Host $hostserver_port;
        proxy_set_header X-Scheme $scheme;
        proxy_connect_timeout 30s;
        proxy_read_timeout 86400s;
        proxy_send_timeout 30s;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }

改成 https 试试