nginx在配置ssl时提示以下信息
nginx: [warn] duplicate value "TLSv1.1" in /www/server/panel/vhost/nginx/xxxxxxxxxxx.com.conf:42
nginx: [warn] duplicate value "TLSv1.2" in /www/server/panel/vhost/nginx/xxxxxxxxxxx.com.conf:42
nginx: [warn] duplicate value "TLSv1.3" in /www/server/panel/vhost/nginx/xxxxxxxxxxx.com.conf:42
nginx: [emerg] "ssl_ciphers" directive is duplicate in /www/server/panel/vhost/nginx/xxxxxxxxxxx.com.conf:43
nginx: configuration file /www/server/nginx/conf/nginx.conf test failed
查询百度之后,也没有找到相应的解决办法,随后把以下信息中红色的部分配置到配置文件中
server
{
listen 80;
listen 443 ssl http2;
server_name xxxxxxxxxxx.com www.xxxxxxxxxxx.com;
index index.php index.html index.htm default.php default.htm default.html;
root /www/wwwroot/xxxxxxxxxxx.com;
#SSL-START SSL相关配置,请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;
#HTTP_TO_HTTPS_START
if ($server_port !~ 443){
rewrite ^(/.*)$ https://$host$1 permanent;
}
#HTTP_TO_HTTPS_END
ssl_certificate /www/server/panel/vhost/cert/xxxxxxxxxxx.com/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/xxxxxxxxxxx.com/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
#SSL-END
#引用重定向规则,注释后配置的重定向代理将无效
include /www/server/panel/vhost/nginx/redirect/xxxxxxxxxxx.com/*.conf;
再次到配置ssl文件的地方,点击保存按钮,这次提示成功了
要保证下面两个文件存在
ssl_certificate /www/server/panel/vhost/cert/xxxxxxxxxxx.com/fullchain.pem;
ssl_certificate_key /www/server/panel/vhost/cert/xxxxxxxxxxx.com/privkey.pem;