我有一个使用 Nginx Web 服务器的网站,它既可以在 HTTP 模式下工作,也可以在 HTTPS 模式下工作,但我想知道 HTTPS 对某些用户不起作用,而对许多用户却可以同时工作!另外,所有用户都可以在 HTTP 模式下加载网站而不会出现问题,问题只是出在 SSL 握手上。
注意:我向我的用户提供了以下命令,他们给了我他们的输出:
$ openssl s_client -connect example.com:443 -tlsextdebug
许多用户的成功输出:
$ openssl s_client -connect example.com:443 -tlsextdebug
CONNECTED(00000003)
TLS server extension "renegotiation info" (id=65281), len=1
0001 - <SPACES/NULS>
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS server extension "session ticket" (id=35), len=0
TLS server extension "extended master secret" (id=23), len=0
depth=2 C = US, ST = New Jersey, L = Jersey City, O = The USERTRUST Network, CN = USERTrust RSA Certification Authority
verify return:1
depth=1 C = GB, ST = Greater Manchester, L = Salford, O = Sectigo Limited, CN = Sectigo RSA Domain Validation Secure Server CA
verify return:1
depth=0 OU = Domain Control Validated, OU = PositiveSSL, CN = example.com
verify return:1
---
Certificate chain
..........
其他用户输出失败:
$ openssl s_client -connect example.com:443 -tlsextdebug
CONNECTED(00000003)
TLS server extension "renegotiation info" (id=65281), len=1
0001 - <SPACES/NULS>
TLS server extension "EC point formats" (id=11), len=4
0000 - 03 00 01 02 ....
TLS server extension "session ticket" (id=35), len=0
TLS server extension "extended master secret" (id=23), len=0
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
.......
您知道为什么会发生这种情况以及如何解决吗?