我的服务器上有以下内容,nginx.conf当我访问 时,它对 HTTPS 运行良好https://sub.mydomain.com。我还需要允许HTTP(因此监听 80)。
server {
listen 80;
listen 443 ssl;
server_name *.mydomain.io;
ssl_certificate /etc/ssl/mydomain.crt;
ssl_certificate_key /etc/ssl/mydomain.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
include /etc/nginx/sites-enabled/*;
}
出于某种原因,当我尝试点击时http://sub.mydomain.com它仍然将我重定向到https。
我是否遗漏了什么?
答案1
当您使用ssl on指令时 - 它适用于整个服务器/虚拟主机,无论您是否ssl之后指定listen。
(在文档中指定: http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl)
IE:
server {
listen 80;
server_name *.mydomain.io;
include /etc/nginx/sites-enabled/*;
}
server {
listen 443;
server_name *.mydomain.io;
ssl_certificate /etc/ssl/mydomain.crt;
ssl_certificate_key /etc/ssl/mydomain.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
include /etc/nginx/sites-enabled/*;
}