Warning: file_get_contents(/data/phpspider/zhask/data//catemap/9/ssl/3.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ssl nginx中不支持加密协议,即使我有密钥和证书_Ssl_Nginx_Https - Fatal编程技术网
Fatal编程技术网
  • ssl/
  • Ssl nginx中不支持加密协议,即使我有密钥和证书

Ssl nginx中不支持加密协议,即使我有密钥和证书

ssl nginx https

Ssl nginx中不支持加密协议,即使我有密钥和证书,ssl,nginx,https,Ssl,Nginx,Https,这是工作得很好,但出于某种原因,它开始不起作用。我有一个777文件夹中的ssl文件。这是我的nginx配置: keepalive_timeout 70; ssl_certificate /path/to/crt; ssl_certificate_key /path/to/key; #these are both correct #the rest of this file is shown as it is ssl_session_

这是工作得很好,但出于某种原因,它开始不起作用。我有一个777文件夹中的ssl文件。这是我的nginx配置:

     keepalive_timeout 70;

     ssl_certificate     /path/to/crt;
     ssl_certificate_key /path/to/key;  #these are both correct
     #the rest of this file is shown as it is

     ssl_session_timeout 1d;
     ssl_session_cache shared:SSL:50m;

     #ssl_dhparam /path/to/dhparam.pem;

     ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
     #I had 'modern' (no TLSv1). Tried to add it to see if it would fix but it didn't
     ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256$
     ssl_prefer_server_ciphers on;

     add_header Strict-Transport-Security max-age=15768000;

     ssl_stapling on;
     ssl_stapling_verify on;

     ## verify chain of trust of OCSP response using Root CA and Intermedia$
     #ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;

     #resolver <IP DNS resolver>;
当我执行一个
sudo服务nginx restart
时,不会出现任何错误,它会正常启动。有人知道会发生什么吗?非常感谢你的帮助

通过firefox访问时,我得到“安全连接失败”,通过chrome访问时,我得到“SSL连接错误:错误SSL协议错误”这可能是由于名称服务器造成的吗?我最近尝试启用cloudflare,因此我怀疑流量是否被严重操纵

这是一组非常严格的密码,您在这里尝试使用。这些都是只有TLS 1.2支持的GCM密码-这意味着您选择接受TLS 1.0和TLS 1.1流量是无用的。可能并非所有浏览器都支持这些密码。有关建议的配置,请参阅

除此之外,您显示的语法是错误的,即它的行不应以
$
结尾,而应以
'结尾。但这可能只是你问题中的一个输入错误
 请发布nginx配置的完整版本。我假设您的配置中设置的listen参数可能有错误。

Certificate: untrusted,  bits,  signature
TLS ticket lifetime hint: 
OCSP stapling: not supported
Cipher ordering: server
Curves ordering: none - fallback: no
Renegotiation test error
Supported compression methods test error

TLS Tolerance: no
Fallbacks required:
big-SSLv3 config not supported, connection failed
big-TLSv1.0 config not supported, connection failed
big-TLSv1.1 config not supported, connection failed
big-TLSv1.2 config not supported, connection failed
small-SSLv3 config not supported, connection failed
small-TLSv1.0 config not supported, connection failed
small-TLSv1.0-notlsext config not supported, connection failed
small-TLSv1.1 config not supported, connection failed
small-TLSv1.2 config not supported, connection failed
v2-big-TLSv1.2 config not supported, connection failed
v2-small-SSLv3 config not supported, connection failed
v2-small-TLSv1.0 config not supported, connection failed
v2-small-TLSv1.1 config not supported, connection failed
v2-small-TLSv1.2 config not supported, connection failed



 ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256$