摘要:
RC4;ssl_协议TLSv1.1 TLSv1.2;ssl_首选服务器_密码;位置/{roothtml;indexindex.htmlindex.htm;}}然后发生了神奇的一幕。首先,nginx:[warn]invalidvalue“TLSv1.1”nginx:[warn]validvalue“TLSv1.2”删除了TLSv1.1 TLSv1.2;错误nginx:400BadRequest |将普通HTTPrequest发送到HTTPSport请参阅官方文档,解决方法如下:server{listen80;server_namelocalhost;roothtml;indexindex.htmlindex.htm;listen443ssl;#此处注意#sslon;ssl_certificatecert/21425134250577.pem;ssl_certificate_keycert/21525134250577.key;ssl_session_timeout5m;ssl_cherpseCDHE-RSA-ES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!
nginx: 400 Bad Request | The plain HTTP request was sent to HTTPS port
nginx版本1.0.4
nginx一般情况下配置;
server { listen 443; server_name localhost; ssl on; root html; index index.html index.htm; ssl_certificate cert/214525134250577.pem; ssl_certificate_key cert/214525134250577.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
然后神奇的一幕发生了,首先是: nginx: [warn] invalid value "TLSv1.1" nginx: [warn] invalid value "TLSv1.2"
把 TLSv1.1 TLSv1.2 删掉;报错 nginx: 400 Bad Request | The plain HTTP request was sent to HTTPS port
参考官方文档解决如下:
server { listen 80; server_name localhost; root html; index index.html index.htm; listen 443 ssl; #注意这里 #ssl on; ssl_certificate cert/214525134250577.pem; ssl_certificate_key cert/214525134250577.key; ssl_session_timeout 5m; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4; ssl_protocols TLSv1; ssl_prefer_server_ciphers on; location / { root html; index index.html index.htm; } }
删掉 ssl on; 并在 listen 443; 后面加上ssl即可