我正在尝试连接配置为使用ssl的远程nginx服务器。
我发了一个命令
$curl https://10.73.80.197:8080/
但在那之后我收到了错误。这是整个log-
* Hostname was NOT found in DNS cache
* Trying 10.73.80.197...
* Connected to 10.73.80.197 (10.73.80.197) port 80 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Closing connection 0
curl: (35) error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
答案 0 :(得分:3)
如其他几篇文章所述:
curl: (35) error:1408F10B:SSL routines:ssl3_get_record:wrong version number
Curl returns "Unknown protocol"
这种卷曲错误通常是由于通过HTTP而非http使用Web代理的结果
您应该检查您的 https_proxy env变量
如果您有类似
然后您应该更改并设置以下内容
https_proxy = http ://myproxy.example.com:8080 /
答案 1 :(得分:0)
我今天遇到了这个问题,就我而言,这是我的 nginx.conf 文件中的配置错误。我的配置包含如下内容:
server {
listen 443;
listen [::]:443;
# Single underscore means 'matches any server name'
server_name _;
root /usr/share/nginx/html;
# Only allow more recent (still secure) versions of TLS
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# Explicitly set list of supported ciphers
ssl_ciphers ECDH+AESGCM:ECDH+AES256-CBC:ECDH+AES128-CBC:DH+3DES:!ADH:!AECDH:!MD5;
ssl_certificate "/etc/pki/atmloader/server.crt";
ssl_certificate_key "/etc/pki/atmloader/server.pem";
# ...
}
但它应该是这样的:
server {
listen 443 ssl;
listen [::]:443 ssl;
# Single underscore means 'matches any server name'
server_name _;
root /usr/share/nginx/html;
# Only allow more recent (still secure) versions of TLS
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
# Explicitly set list of supported ciphers
ssl_ciphers ECDH+AESGCM:ECDH+AES256-CBC:ECDH+AES128-CBC:DH+3DES:!ADH:!AECDH:!MD5;
ssl_certificate "/etc/pki/atmloader/server.crt";
ssl_certificate_key "/etc/pki/atmloader/server.pem";
# ...
}
注意 ssl 参数值中缺少的 listen。
在复制最初为非 HTTPS 端口创建的配置时,我犯了一个复制粘贴错误。