我正在使用以下设置:
s1.conf
# Default website
server {
listen 80;
server_name test.com www.test.com;
return 301 https://test.com$request_uri; # enforce https
server_name_in_redirect off;
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log warn;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host:80;
proxy_set_header< X-Forwarded-Host $http_host
set $proxyserver "http://127.0.0.1:8888";
set $docroot "/home/bitrix/www";
index index.php;
root /home/bitrix/www;
# Redirect to ssl if need
if (-f /home/bitrix/www/.htsecure) { rewrite ^(.*)$ https://$host$1 permanent; }
# Include parameters common to all websites
include bx/conf/bitrix.conf;
# Include server monitoring locations
include bx/server_monitor.conf;
}
s1_ssl.conf
# Default SSL certificate enabled website
server {
listen 443 default_server ssl;
server_name test.com;
# Enable SSL connection
include bx/conf/ssl.conf;
server_name_in_redirect off;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host:443;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header HTTPS YES;
set $proxyserver "http://127.0.0.1:8888";
set $docroot "/home/bitrix/www";
index index.php;
root /home/bitrix/www;
# Include parameters common to all websites
include bx/conf/bitrix.conf;
# Include server monitoring API's
include bx/server_monitor.conf;
}
当我尝试链接http://test.com/xyz/或https://test.com/xyz/时,一切正常。但是当我尝试像http://test.com/xyz或https://test.com/xyz这样的链接时,我收到 400 Bad Request,纯 HTTP 请求已发送到 HTTPS 端口
这个卷曲输出:
curl -I -k https://test.com/xyz
HTTP/1.1 301 Moved Permanently
Server: nginx/1.6.2
Date: Mon, 22 Feb 2016 09:13:28 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
Location: http://test.com:443/xyz/
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
为什么协议改为http?
小智 5
您忘记说对http://test.com/xyz的引用是目录。
什么是邪恶:mod_dir
当服务器收到 URL http://servername/foo/dirname(其中 dirname 是目录)的请求时,会发出“尾部斜杠”重定向。目录需要尾部斜杠,因此 mod_dir 发出重定向到http://servername/foo/dirname/。
对于他来说“HTTPS on”不起作用,方案 https:// not be
应该做什么:
1) nginx 配置不涉及任何内容
2) 在您的域的 httpd 配置中,例如: /etc/httpd/bx/conf/bx_ext_site.local.conf
其中字符串包含您的服务器名称,例如: ServerName site.local
补充如下: https://
是这样的: ServerName https://site.local
这就是你所需要的
它无需任何重定向即可工作
意味着问题隐藏在手册中http://httpd.apache.org/docs/2.2/mod/core.html#servername
有时,服务器在处理 SSL 的设备后面运行,例如反向代理、负载平衡器或 SSL 卸载设备。在这种情况下,请在 ServerName 指令中指定客户端连接的 https:// 方案和端口号,以确保服务器生成正确的自引用 URL。
| 归档时间: |
|
| 查看次数: |
1370 次 |
| 最近记录: |