文章内容
2019/9/8 17:38:03,作 者: 黄兵
“400 Bad Request The plain HTTP request was sent to HTTPS port” Nginx
最近在设置全站https的时候,使用http访问,出现了如下错误:
400 Bad Request The plain HTTP request was sent to HTTPS port
nginx具体配置内容如下:
server { listen 80; listen [::]:80 ssl; listen 443 ssl http2; listen [::]:443 ssl; server_name www.xxxxxxxxxx.com; ssl on; ssl_certificate /etc/ssl/private/www.xxx.com/1_www.xxxx.com_bundle.crt; ssl_certificate_key /etc/ssl/private/www.xxxxx.com/2_www.xxxx.com.key; ssl_prefer_server_ciphers on; ssl_dhparam /etc/ssl/certs/dhparam.pem; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"; keepalive_timeout 70; ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; #闁稿繈鍔庨悵鐥焧tps add_header Strict-Transport-Security max-age=63072000; add_header X-Frame-Options DENY; add_header X-Content-Type-Options nosniff; location / { try_files $uri @gunicorn_proxy; } location @gunicorn_proxy { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_redirect off; proxy_pass http://0.0.0.0:5002; # proxy_pass http://app; proxy_connect_timeout 500s; proxy_read_timeout 500s; uwsgi_buffers 16 16k; uwsgi_buffer_size 32k; proxy_send_timeout 500s; } }
造成这个错误的原因:
配置有误,当客户端尝试通过HTTP访问您的站点时,通过端口80,请求通过端口443重定向到HTTPS。但是,nginx期望通过端口443使用SSL到达。
如果使用https则不会出现这个问题。
解决方案:
直接设置访问80端口的时候重定向到443端口,具体配置内容如下:
server { listen 80; listen [::]:80 ssl; server_name xxxxx.pdflibr.com; rewrite ^ https://$server_name$uri last; } server { listen 443 ssl http2; listen [::]:443 ssl; server_name xxxx.pdflibr.com; ssl on; # 后面配置省略 ...
这样访问80端口(http)就可以直接跳转到443端口(https)。
问题到此解决。
参考资料:
1、“400 Bad Request The plain HTTP request was sent to HTTPS port” Nginx
黄兵个人博客原创。
转载请注明出处:黄兵个人博客 - “400 Bad Request The plain HTTP request was sent to HTTPS port” Nginx
评论列表