|
diocat 发表于 2023-5-22 15:28
是的。之前我编的版本加入了module,但是quic下配置ssl_preread on 就直接nginx -t报错,现在不知道行不 ...[ol]
curl -i -v --alt-svc altsvc.cache https://github.com:8443/ --resolve github.com:8443:127.0.0.1
* Added github.com:8443:127.0.0.1 to DNS cache
* Hostname github.com was found in DNS cache
* Trying 127.0.0.1:8443...
* Connected to github.com (127.0.0.1) port 8443 (#0)
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server accepted h2
* Server certificate:
* subject: C=US; ST=California; L=San Francisco; O=GitHub, Inc.; CN=github.com
* start date: Feb 14 00:00:00 2023 GMT
* expire date: Mar 14 23:59:59 2024 GMT
* subjectAltName: host "github.com" matched cert's "github.com"
* issuer: C=US; O=DigiCert Inc; CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1
* SSL certificate verify ok.
* using HTTP/2
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: github.com:8443]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 1 (easy handle 0xaaab010bd9e0)
> GET / HTTP/2
> Host: github.com:8443
> user-agent: curl/7.88.1
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* old SSL session ID is stale, removing
复制代码
进一步测试,发往 127.0.0.1:8443 的 https 请求,也正确地按照 ssl_preread 的结果,转发到了 github |
|