80 443喘口共存之前是没问题的,但这次突然发现了这样的问题,htpps可以访问,但http不能访问会反回400
1xx.6x.x9.x8 - - [19/Jun/2017:16:04:28 +0800] "GET /beehive/wec.xml HTTP/1.1" 400 683 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"
之前的配置:
#app调试
upstream test-appsrv_pools {
server 11.100.98.100:8040;
check interval=3000 rise=2 fall=3 timeout=2000;
}
#
server {
listen 80;
listen 443;
server_name test.xxxx.com;
ssl on;
ssl_certificate /etc/cert/xxx673140913.pem;
ssl_certificate_key /etc/cert/xxx78673140913.key;
#ssl_session_cache shared:SSL:1m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_protocols TLSv1.2 TLSv1.1;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://test-appsrv_pools;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
上面这种配置之前是没有问题的:
#app调试
upstream test-appsrv_pools {
server 11.10.200.160:8040;
check interval=3000 rise=2 fall=3 timeout=2000;
}
#
server {
listen 80;
listen 443 ssl;
server_name test.xxxx.com;
#ssl on;
ssl_certificate /etc/cert/xx3978673140913.pem;
ssl_certificate_key /etc/cert/xxx3978673140913.key;
#ssl_session_cache shared:SSL:1m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_protocols TLSv1.2 TLSv1.1;
#ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://test-appsrv_pools;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
把ssl on;注掉,再把 443 后面加上ssl;
如上面的配置 ,问题解决