nginx 环境下http和https(ssl)共存的方法

80 443喘口共存之前是没问题的,但这次突然发现了这样的问题,htpps可以访问,但http不能访问会反回400

1
1xx.6x.x9.x8 - - [19/Jun/2017:16:04:28 +0800] "GET /beehive/wec.xml HTTP/1.1" 400 683 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"

 之前的配置:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#app调试
upstream test-appsrv_pools {
        server 11.100.98.100:8040;
        check interval=3000 rise=2 fall=3 timeout=2000;
 }
#
server {
    listen 80;
    listen 443;
    server_name test.xxxx.com;
    ssl on;
    ssl_certificate /etc/cert/xxx673140913.pem;
    ssl_certificate_key /etc/cert/xxx78673140913.key;
    #ssl_session_cache shared:SSL:1m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_protocols TLSv1.2 TLSv1.1;
    #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://test-appsrv_pools;
        #proxy_set_header Host                  $host;
        #proxy_set_header X-Real-IP             $remote_addr;
        #proxy_set_header X-Forwarded-For       $proxy_add_x_forwarded_for;
    }
 }

 上面这种配置之前是没有问题的:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
#app调试
upstream test-appsrv_pools {
        server 11.10.200.160:8040;
        check interval=3000 rise=2 fall=3 timeout=2000;
 }
#
server {
    listen 80;
    listen 443 ssl;
    server_name test.xxxx.com;
    #ssl on;
    ssl_certificate /etc/cert/xx3978673140913.pem;
    ssl_certificate_key /etc/cert/xxx3978673140913.key;
    #ssl_session_cache shared:SSL:1m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_protocols TLSv1.2 TLSv1.1;
    #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://test-appsrv_pools;
        #proxy_set_header Host                  $host;
        #proxy_set_header X-Real-IP             $remote_addr;
        #proxy_set_header X-Forwarded-For       $proxy_add_x_forwarded_for;
    }
 }

 把ssl on;注掉,再把 443 后面加上ssl;

如上面的配置 ,问题解决

posted @   bass  阅读(355)  评论(0编辑  收藏  举报
编辑推荐:
· Linux glibc自带哈希表的用例及性能测试
· 深入理解 Mybatis 分库分表执行原理
· 如何打造一个高并发系统?
· .NET Core GC压缩(compact_phase)底层原理浅谈
· 现代计算机视觉入门之:什么是图片特征编码
阅读排行:
· 手把手教你在本地部署DeepSeek R1,搭建web-ui ,建议收藏!
· Spring AI + Ollama 实现 deepseek-r1 的API服务和调用
· 数据库服务器 SQL Server 版本升级公告
· 程序员常用高效实用工具推荐,办公效率提升利器!
· C#/.NET/.NET Core技术前沿周刊 | 第 23 期(2025年1.20-1.26)
点击右上角即可分享
微信分享提示