nginx配置文件:
server {
listen 80;
listen 443;
server_name www.xxx.com;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
ssl on;
root html;
index index.html index.htm;
ssl_certificate /etc/nginx/conf.d/cert/214567143360012.pem;
ssl_certificate_key /etc/nginx/conf.d/cert/214567143360012.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
}
访问https时候正常,不过访问http的时候会出现
400 Bad Request The plain HTTP request was sent to HTTPS port错误
直译下来就是:普通HTTP请求发送到HTTPS端口。
参考官方文档解决方法如下:
server {
listen 80;
listen 443 ssl;
server_name www.xxx.com;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
root html;
index index.html index.htm;
ssl_certificate /etc/nginx/conf.d/cert/214567143360012.pem;
ssl_certificate_key /etc/nginx/conf.d/cert/214567143360012.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
}
删掉ssl on; 并在 listen 443; 443后加上ssl即可