Coin163

no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: 192.168.6.238, server: 0.0.0.0:443解决

2016-07-20by coin, 次阅读
     在新服务器上部署ssl证书时,碰到如下情况:
     nginx新建的server配置与ssl例子和已正常使用的配置并无差别,但还是出现:
no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: 192.168.0.2, server: 0.0.0.0:443
        使用nginx -V查看 ,nginx ssl模块都已加入 --with-http_gunzip_module 。
        在旧环境测试新证书,一切正常。
        后来发现是新环境的nginx中有其它的server监听了443端口(实际未使用),但它的没有ssl的配置参数都注释掉了。去除该server的监听443后,就正常了。


nginx https基本配置如下:

server {
    listen       443 ssl;
    server_name  www.xxx.com;
    ssl                  on; 
    ssl_certificate      /etc/nginx/conf.d/xxx.crt;
    ssl_certificate_key  /etc/nginx/conf.d/xxx.key;

    ssl_session_cache shared:SSL:1m;
    ssl_session_timeout  5m;

    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers   on;

    location / {
..
    }
}



------分隔线----------------------------