IdentityServer4在nginx里设置跳转后,无法打开登录页的问题
现象描述:
id4的认证中心使用的是 http发布的,然后在nginx使用https来转发,结果出现,跳转到Account/Login路径,但是网页打不开。
nginx里配置如下:
server { listen 443 ssl; server_name www.lzgjscc.cn; ssl_certificate ..\ssl\8380213_www.aaa.cn.pem; ssl_certificate_key ..\ssl\8380213_www.aaa.cn.key; ssl_session_timeout 30m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_prefer_server_ciphers on; ssl_ecdh_curve secp384r1; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_stapling on; #ensure your cert is capable ssl_stapling_verify on; #ensure your cert is capable resolver 8.8.8.8 8.8.4.4 valid=300s; resolver_timeout 30s; #the next four lines of the configuration of nginx.conf is what made MVC Hybrid work correctly after publish: proxy_buffer_size 128k; proxy_buffers 4 256k; proxy_busy_buffers_size 256k; large_client_header_buffers 4 16k; location / { fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; proxy_pass http://10.10.10.10:10010; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#must be set or wrong url proxy_set_header X-Forwarded-Proto $scheme;#must be set or wrong url proxy_cache_bypass $http_upgrade; proxy_set_header X-URL-SCHEME https; } }
解决方法:
1、在nginx里加上一行:
proxy_set_header X-Forwarded-Proto $scheme;
2、在startup.cs里加上如下代码:
public void Configure(IApplicationBuilder app) { if (Environment.IsDevelopment()) { app.UseDeveloperExceptionPage(); } else { app.UseExceptionHandler("/Home/Error"); } var fordwardedHeaderOptions = new ForwardedHeadersOptions { ForwardedHeaders = ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto }; fordwardedHeaderOptions.KnownNetworks.Clear(); fordwardedHeaderOptions.KnownProxies.Clear(); app.UseForwardedHeaders(fordwardedHeaderOptions); app.UseCors("default"); app.UseSession(); app.UseCookiePolicy(); app.UseStaticFiles(); app.UseRouting(); //app.UseHttpsRedirection(); app.UseIdentityServer(); app.UseAuthentication(); app.UseAuthorization(); app.UseEndpoints(endpoints => { endpoints.MapDefaultControllerRoute(); }); }
参考链接:IdentityServer4在nginx反向代理后https引发的问题 - 海~~D - 博客园 (cnblogs.com)
【推荐】国内首个AI IDE,深度理解中文开发场景,立即下载体验Trae
【推荐】编程新体验,更懂你的AI,立即体验豆包MarsCode编程助手
【推荐】抖音旗下AI助手豆包,你的智能百科全书,全免费不限次数
【推荐】轻量又高性能的 SSH 工具 IShell:AI 加持,快人一步
· DeepSeek 开源周回顾「GitHub 热点速览」
· 物流快递公司核心技术能力-地址解析分单基础技术分享
· .NET 10首个预览版发布:重大改进与新特性概览!
· AI与.NET技术实操系列(二):开始使用ML.NET
· 单线程的Redis速度为什么快?