在我转到https://sub.mydomain.com时,我的nginx.conf有以下内容,这对于HTTPS非常nginx.conf 。 我需要也允许HTTP (因此听80)。
server { listen 80; listen 443 ssl; server_name *.mydomain.io; ssl_certificate /etc/ssl/mydomain.crt; ssl_certificate_key /etc/ssl/mydomain.key; ssl on; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; include /etc/nginx/sites-enabled/*; }
出于某种原因,当我尝试击中http://sub.mydomain.com它仍然将我redirect到https 。
我错过了什么吗?
当你ssl on指令ssl on使用ssl on – 它适用于整个服务器/虚拟主机,不pipe你是否在指定后指定ssl 。
(在文档中指定: http : //nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl )
即:
server { listen 80; server_name *.mydomain.io; include /etc/nginx/sites-enabled/*; } server { listen 443; server_name *.mydomain.io; ssl_certificate /etc/ssl/mydomain.crt; ssl_certificate_key /etc/ssl/mydomain.key; ssl on; ssl_session_cache builtin:1000 shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; ssl_prefer_server_ciphers on; include /etc/nginx/sites-enabled/*; }