[英]http2: SSL read failed while sending req in nginx
我正在使用http2和ssl配置nginx。 我遇到以下錯誤:
處理HTTP / 2連接時SSL_read()失敗(SSL:錯誤:14094418:SSL例程:ssl3_read_bytes:tlsv1警報未知ca:SSL警報編號48)
下面是我的配置:
user www-data;
worker_processes auto;
events {
use epoll;
worker_connections 128;
multi_accept on;
}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
" close;
}
proxy_read_timeout 86400;
server {
listen 443 ssl http2 default_server;
ssl_password_file /etc/nginx/nginx_sscert.pass;
ssl_certificate /etc/nginx/ssl/nginx_sscert.crt;
ssl_certificate_key /etc/nginx/ssl/nginx_sscert.key;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 180m;
ssl_session_tickets off;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
root /var/www/dist;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
gzip on;
gzip_min_length 1000;
gzip_types text/plain application/x-javascript text/xml text/css;
client_body_temp_path /tmp/nginx;
proxy_temp_path /tmp/nginx;
error_log /var/log/nginx/debug.log debug;
}
}
NGINX版本-1.10.3(穩定)&1.11.9(主線)
$ nginx -V的輸出:
nginx version: nginx/1.10.3
built with OpenSSL 1.0.2h 3 May 2016
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --prefix=/usr --pid-path=/var/run/nginx/nginx.pid --with-http_auth_request_module --with-http_v2_module --with-http_ssl_module --without-http_fastcgi_module --without-http_uwsgi_module --without-http_scgi_module
配置后,nginx的輸出:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Firefox版本-51.0.1
Chrome版本-54.0.2 ***
任何對此的指針表示贊賞。 TIA :)
顯然,您的證書配置不正確。 我建議使用Let's Encrypt ,它提供免費的證書,並且確實易於使用。
有關更多信息,請參見Nginx論壇上的該線程 。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.