nginx ssl 107 (net::ERR_SSL_PROTOCOL_ERROR) 无法与服务器建立安全连接 解决方法

原作者的文章不见了，转一下。
解决方法，把ssl vhost直接写到/usr/local/nginx/conf/nginx.conf里面，并且在80端口的默认主机之前。

###############################################################################################我是分界线########################################################################################################################

以下转自http://cache.baiducontent.com/c?m=9f65cb4a8c8507ed4fece7631046893b4c4380146d96864968d4e414c42246040671e4cf6f7c4e1980853a3c50f11e41bca770216c5d61aa91ce824edfba933f2efc7969214fc01a4f8f65e8945124b72b875aedfb5ba6adf14490ba978e9f025c96065e26cae78b2b57548a78f16426e4d28e49651e51e4fa3115e85e033e9e5302f61abfbd63335996f7ad4b4bb73dd11146d7ef68f0&p=84759a46d6c250ee1aa2c7710f4ec1&newp=882a9645d79402fc57efcd31464d80231610db2151d3d101298ffe0cc4241a1a1a3aecbf21261603d5c37b6c03aa4358ecf435763c0634f1f689df08d2ecce7e78cb&user=baidu&fm=sc&query=nginx+ERR_SSL_PROTOCOL_ERROR&qid=c9646c2c0001df18&p1=2

今天访问测试代码

火狐浏览器访问 https://www.abc.com　出现一个很怪异的问题，报错：

ssl 107 (net::ERR_SSL_PROTOCOL_ERROR)

刚开始以为是ssl失效了，重新安装了一遍

安装过程：

第一步# openssl genrsa -des3 -out server1.key 1024
Generating RSA private key, 1024 bit long modulus
……++++++
……..++++++
e is 65537 (0x10001)
Enter pass phrase for server1.key:此处设置个密码
Verifying - Enter pass phrase for server1.key:重新输入设置个密码
第二步# openssl req -new -key server1.key -out server1.csr
Enter pass phrase for server1.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,

If you enter ‘.’, the field will be left blank.

Country Name (2 letter code) [GB]:CN
State or Province Name (full name) [Berkshire]:Beijing
Locality Name (eg, city) [Newbury]:Beijing
Organization Name (eg, company) [My Company Ltd]:xo
Organizational Unit Name (eg, section) []:xo
Common Name (eg, your name or your server’s hostname) []:xo
Email Address []:

Please enter the following ‘extra’ attributes
to be sent with your certificate request
A challenge password []:此处回车
An optional company name []:此处回车

第三步：#cp server1.key server1.key.org
第四步：# openssl rsa -in server1.key.org -out server1.key
Enter pass phrase for server1.key.org:此处输入刚才设置的密码
writing RSA key

第五步：]# openssl x509 -req -days 365 -in server1.csr -signkey server1.key -out server1.crt
Signature ok
subject=/C=CN/ST=Beijing/L=Beijing/O=xo/OU=xo/CN=xo
Getting Private key
安装完ssl，配置nginx虚拟主机

server
{
listen 80;
server_name www.abc.com;
　root /data0/htdocs/zhaolilei;
　index index.html index.php;
rewrite ^/ https://www.abc.com permanent;

location ~ .*.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
access_log /data1/logs/test1.log;
}
server
{
listen 443;
server_name www.abc.com;
　root /data0/htdocs/zhaolilei;
　index index.html index.php;

ssl on;
ssl_certificate server.crt;
ssl_certificate_key server.key;

location ~ .*.(php|php5)?$
{
#fastcgi_pass unix:/tmp/php-cgi.sock;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
}
access_log /data1/logs/test.log;
}
配置完后访问测试，依然是报错，后来在网上查了Ｎ多资料也没有个说法

静下来想想，这个之前是好用的，最近貌似只升级过nginx版本为1.2.1,难道与版本有关，新版本的nginx有一些规则改了，比如：日志格式要放在虚拟主机上边定义，后可官网也没有查出相关问题。猜想会不会与虚拟主机的顺序有关，我这里先配置的８０,后配置的４４３

经过测试，果然如此，把４４３的虚拟主机放置到８０的上边，重启nginx，访问ＯＫ了

真是让人蛋疼的问题，搞了４个小时，也许是nginx新版本的特性吧，有时间在查吧….