我们的生产配置中,并没有配置80强制跳转443的配置
配置如下
server {
listen 80 default_server;
listen 443 ssl;
server_name 域名;
server_name_in_redirect off;
ssl_certificate /etc/nginx/ssl/full_chain_rsa.crt;
ssl_certificate_key /etc/nginx/ssl/证书.key;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4:!DH:!DHE;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
}
还有一种是做强制跳转的
server {
listen 80;
server_name www.域名.com;
rewrite ^(.*)$ https://${server_name}$1 permanent;
}
server {
listen 443;
server_name www.域名.com;
root /home/wwwroot;
ssl on;
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
....
}