通过nginx服务ssl网页,ssl_error_rx_record_too_long
问题描述:
请帮助我:这virtual.conf
nginx conf文件中有什么问题,这意味着在查看网站时,我得到错误ssl_error_rx_record_too_long
,而不是能够查看我的网站。我正在使用aws,nginx来为一些rails应用程序提供服务 - 昨天工作正常,但是我崩溃了整个服务器,并且疯狂地试图在凌晨2点解决这个问题,并准备在上午9:30进行生产。通过nginx服务ssl网页,ssl_error_rx_record_too_long
ssl_certificate /etc/ssl/star_my_site.pem;
ssl_certificate_key /etc/ssl/star_my_site.key;
# ------------------
# rails app one
# ------------------
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
server {
listen 80;
# server_name rails_app_one.my_site.com.au www.rails_app_one.my_site.com.au;
server_name _ localhost;
return 301 https://rails_app_one.my_site.com.au;
}
server {
listen 443;
server_name _ localhost;
location/{
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://my_app;
}
location ~ "^/assets/" {
root /var/app/current/public;
gzip_static on;
expires max;
add_header Cache-Control public;
}
}
# ------------------
# rails app two
# ------------------
upstream rails_app_two_app {
server unix:///var/run/puma/rails_app_two_app.sock;
}
server {
listen 80;
server_name rails_app_two.my_site.com.au www.rails_app_two.my_site.com.au;
return 301 https://rails_app_two.my_site.com.au;
}
server {
listen 443;
server_name rails_app_two.my_site.com.au;
location/{
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://rails_app_two_app;
}
location ~ "^/assets/" {
root /var/app/rails_app_two.my_site.com.au/current/public;
gzip_static on;
expires max;
add_header Cache-Control public;
}
}
答
ssl_error_rx_record_too_long
通常意味着当浏览器正期待HTTPS内容的服务器返回普通HTTP内容。 (您可以通过转到http://your.site:443并查看您的网站来验证此问题。)
您需要在nginx中启用SSL - 仅仅声明ssl_certificate
是不够的。
变化listen 443;
到listen 443 ssl;
(另外,我建议把ssl_certificate
在服务器块,这样你就可以使用不同的SSL证书与其他域)
编辑:https://serverfault.com/questions/497430/error-code-ssl-error-rx-record-too-long具有几乎相同问题,希望你在9am产品发布前找到它!