github-starred/frp
2
0
Fork 0
mirror of https://github.com/fatedier/frp.git synced 2026-05-15 08:05:49 -06:00
Code Issues 40 Projects Packages Wiki Activity Actions 1

[GH-ISSUE #3222] https穿透老是报证书错误 请大佬指导 #2585

New issue
Closed
opened 2026-05-05 13:39:51 -06:00 by gitea-mirror · 7 comments
gitea-mirror commented 2026-05-05 13:39:51 -06:00
Owner
Copy link

Originally created by @chenmo-tssz on GitHub (Dec 20, 2022).
Original GitHub issue: https://github.com/fatedier/frp/issues/3222

Describe the feature request

我在本地用nginx 搭建了个小博客192.168.1.7能访问
nginx default.conf 配置如下:

server {
    listen                  80;
    listen                  [::]:80;
    server_name             frp.***.cn;
    location / {
        return 301 https://$host$request_uri;
}
}
server {
    listen                   443 ssl http2;
     listen                  [::]:443 ssl http2;
     server_name             frp.cmsblog.cn;
     root                    /var/www/localhost/htdocs;
     index                   index.php index.html;
     client_max_body_size    32m;
     error_page              500 502 503 504  /50x.html;
     ssl                     on;
     ssl_certificate         /root/frp/frp.***.cn_bundle.crt;
     ssl_certificate_key     /root/frp/frp.***.cn.key;
    # Everything is a 404
            location ~ \.php$ {
              fastcgi_index     index.php;
              fastcgi_pass      127.0.0.1:9000;
              include           fastcgi.conf;
        }
  location / {
    try_files $uri $uri/ /index.php?$query_string;
  }
}

frpc.ini 搭建在192.168.1.10上面。

[test_htypecho]
type = https
custom_domains = frp.***.cn

plugin = https2http
plugin_local_addr = 192.168.1.7:80
plugin_crt_path = /root/frp/frp.***_bundle.crt
plugin_key_path = /root/frp/frp.***.cn.key
plugin_host_header_rewrite = 192.168.1.7
plugin_header_X-From-Where = frp`

frps.ini  应该是不用配置证书的吧
```vhost_http_port = 80
vhost_https_port = 443

为什么访问 https://frp.***.cn 就直接跳转到192.168.1.7 提示证书错误。证书申请的是免费一年的。

求大神帮忙。

Describe alternatives you've considered

No response

Affected area

  • Docs
  • Installation
  • Performance and Scalability
  • Security
  • User Experience
  • Test and Release
  • Developer Infrastructure
  • Client Plugin
  • Server Plugin
  • Extensions
  • Others
Originally created by @chenmo-tssz on GitHub (Dec 20, 2022). Original GitHub issue: https://github.com/fatedier/frp/issues/3222 ### Describe the feature request 我在本地用nginx 搭建了个小博客192.168.1.7能访问 nginx default.conf 配置如下: ``` server { listen 80; listen [::]:80; server_name frp.***.cn; location / { return 301 https://$host$request_uri; } } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name frp.cmsblog.cn; root /var/www/localhost/htdocs; index index.php index.html; client_max_body_size 32m; error_page 500 502 503 504 /50x.html; ssl on; ssl_certificate /root/frp/frp.***.cn_bundle.crt; ssl_certificate_key /root/frp/frp.***.cn.key; # Everything is a 404 location ~ \.php$ { fastcgi_index index.php; fastcgi_pass 127.0.0.1:9000; include fastcgi.conf; } location / { try_files $uri $uri/ /index.php?$query_string; } } ``` frpc.ini 搭建在192.168.1.10上面。 ``` [test_htypecho] type = https custom_domains = frp.***.cn plugin = https2http plugin_local_addr = 192.168.1.7:80 plugin_crt_path = /root/frp/frp.***_bundle.crt plugin_key_path = /root/frp/frp.***.cn.key plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp` frps.ini 应该是不用配置证书的吧 ```vhost_http_port = 80 vhost_https_port = 443 ``` 为什么访问 https://frp.***.cn 就直接跳转到192.168.1.7 提示证书错误。证书申请的是免费一年的。 求大神帮忙。 ### Describe alternatives you've considered _No response_ ### Affected area - [ ] Docs - [ ] Installation - [ ] Performance and Scalability - [ ] Security - [ ] User Experience - [ ] Test and Release - [ ] Developer Infrastructure - [ ] Client Plugin - [ ] Server Plugin - [ ] Extensions - [ ] Others
gitea-mirror 2026-05-05 13:39:51 -06:00
gitea-mirror commented 2026-05-05 13:39:55 -06:00
Author
Owner
Copy link

@superzjg commented on GitHub (Dec 20, 2022):

这两行删除再试试:
plugin_host_header_rewrite = 192.168.1.7
plugin_header_X-From-Where = frp`

<!-- gh-comment-id:1358898954 --> @superzjg commented on GitHub (Dec 20, 2022): 这两行删除再试试: plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp`
gitea-mirror commented 2026-05-05 13:39:55 -06:00
Author
Owner
Copy link

@chenmo-tssz commented on GitHub (Dec 20, 2022):

这两行删除再试试: plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp`

没用 一样的报错

<!-- gh-comment-id:1358974764 --> @chenmo-tssz commented on GitHub (Dec 20, 2022): > 这两行删除再试试: plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp` 没用 一样的报错
gitea-mirror commented 2026-05-05 13:39:57 -06:00
Author
Owner
Copy link

@superzjg commented on GitHub (Dec 20, 2022):

这两行删除再试试: plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp`

换个证书试试,比如用OpenSSL生成的自签名证书

<!-- gh-comment-id:1359056159 --> @superzjg commented on GitHub (Dec 20, 2022): > 这两行删除再试试: plugin_host_header_rewrite = 192.168.1.7 plugin_header_X-From-Where = frp` > 换个证书试试,比如用OpenSSL生成的自签名证书
gitea-mirror commented 2026-05-05 13:39:58 -06:00
Author
Owner
Copy link

@Becods commented on GitHub (Dec 20, 2022):

[web]
type = https
local_port = 443
custom_domains = frp.***.cn
<!-- gh-comment-id:1359602306 --> @Becods commented on GitHub (Dec 20, 2022): ``` [web] type = https local_port = 443 custom_domains = frp.***.cn ```
gitea-mirror commented 2026-05-05 13:39:59 -06:00
Author
Owner
Copy link

@AlpacaBi commented on GitHub (Dec 23, 2022):

建议用docker装个nginx-proxy-manager,web ui操作nginx反向代理,还能一键申请证书。

然后反代到frp,frp只走http就好了,https nginx已经有了。

这种操作方式比较简单。

<!-- gh-comment-id:1364122046 --> @AlpacaBi commented on GitHub (Dec 23, 2022): 建议用docker装个nginx-proxy-manager,web ui操作nginx反向代理,还能一键申请证书。 然后反代到frp,frp只走http就好了,https nginx已经有了。 这种操作方式比较简单。
gitea-mirror commented 2026-05-05 13:40:00 -06:00
Author
Owner
Copy link

@ax2009live commented on GitHub (Jan 2, 2023):

frpc.ini 搭建在192.168.1.10上面


[test_htypecho]
type = https
local_ip = 192.168.31.7
local_port = 443
custom_domains = frp.***.cn
use_encryption = true
use_compression = true
tls_enable = true
https:// frp.***.cn 就会调取 https://192.168.31.7

可以在frpc.ini 集中处理: 泛域名 http://*.domain.cn 跳转到 https://*.domain.cn
<!-- gh-comment-id:1369223656 --> @ax2009live commented on GitHub (Jan 2, 2023): frpc.ini 搭建在192.168.1.10上面 <pre> [test_htypecho] type = https local_ip = 192.168.31.7 local_port = 443 custom_domains = frp.***.cn use_encryption = true use_compression = true tls_enable = true</pre> <pre> https:// frp.***.cn 就会调取 https://192.168.31.7 可以在frpc.ini 集中处理: 泛域名 http://*.domain.cn 跳转到 https://*.domain.cn</pre>
gitea-mirror commented 2026-05-05 13:40:01 -06:00
Author
Owner
Copy link

@github-actions[bot] commented on GitHub (Feb 2, 2023):

Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.

<!-- gh-comment-id:1412973955 --> @github-actions[bot] commented on GitHub (Feb 2, 2023): Issues go stale after 30d of inactivity. Stale issues rot after an additional 7d of inactivity and eventually close.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
new
master
copilot/review-pull-request-5198
v0.68.1
v0.68.0
v0.67.0
v0.66.0
v0.65.0
v0.64.0
v0.63.0
v0.62.1
v0.62.0
v0.61.2
v0.61.1
v0.61.0
v0.60.0
v0.59.0
v0.58.1
v0.58.0
v0.57.0
v0.56.0
v0.55.1
v0.55.0
v0.54.0
v0.53.2
v0.53.1
v0.53.0
v0.52.3
v0.52.2
v0.52.1
v0.52.0
v0.51.3
v0.51.2
v0.51.1
v0.51.0
v0.50.0
v0.49.0
v0.48.0
v0.47.0
v0.46.1
v0.46.0
v0.45.0
v0.44.0
v0.43.0
v0.42.0
v0.41.0
v0.40.0
v0.39.1
v0.39.0
v0.38.0
v0.37.1
v0.37.0
v0.36.2
v0.36.1
v0.36.0
v0.35.1
v0.35.0
v0.34.3
v0.34.2
v0.34.1
v0.34.0
v0.33.0
v0.32.1
v0.32.0
v0.31.2
v0.31.1
v0.31.0
v0.30.0
v0.29.1
v0.29.0
v0.28.2
v0.28.1
v0.28.0
v0.27.1
v0.27.0
v0.26.0
v0.25.3
v0.25.2
v0.25.1
v0.25.0
v0.24.1
v0.24.0
v0.23.3
v0.23.2
v0.23.1
v0.23.0
v0.22.0
v0.21.0
v0.20.0
v0.19.1
v0.19.0
v0.18.0
v0.17.0
v0.16.1
v0.16.0
v0.15.1
v0.15.0
v0.14.1
v0.14.0
v0.13.0
v0.12.0
v0.11.0
v0.10.0
v0.9.3
v0.9.2
v0.9.1
v0.9.0
v0.8.1
v0.8.0
v0.7.0
v0.6.0
v0.5.0
v0.3.0
v0.2.0
v0.1.0
Labels
Clear labels   
In Progress

   
WIP

   
WaitingForInfo

   
bug

   
doc

   
duplicate

   
easy

   
enhancement

   
future

   
help wanted

   
invalid

   
lifecycle/stale

   
need-issue-template

   
need-usage-help

   
no plan

   
proposal

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
todo
No labels
In Progress
WIP
WaitingForInfo
bug
doc
duplicate
easy
enhancement
future
help wanted
invalid
lifecycle/stale
need-issue-template
need-usage-help
no plan
proposal
pull-request
question
todo
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/frp#2585
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?