Eu tive o mesmo problema. Verifique sua diretiva de escuta para a porta 80. Ela não deve conter 'spdy' ou 'http2'
Eu uso o NGINX 1.5.12 no Ubuntu 13.10 e o HTTPS funciona bem e as páginas são servidas (tanto no HHVM quanto no PHP5-FPM) tentando carregar o site no HTTP e o WGET retorna isso:
HTTP request sent, awaiting response... 200 No headers, assuming HTTP/0.9
Length: unspecified
Saving to: ‘index.html’
[ <=> ] 44 --.-K/s in 29s
2014-04-05 11:55:37 (1.49 B/s) - ‘index.html’ saved [44]
e cURL retornam isso:
?d???? ???
enquanto executo o cURL no HTTPS eu recebo isto:
HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: HHVM/3.1.0-dev+2014.04.04
Minha configuração
nginx.conf
user www-data www-data;
pid /var/run/nginx.pid;
worker_rlimit_nofile 100000;
events {
worker_connections 4096;
multi_accept on;
}
http {
default_type application/octet-stream;
access_log off;
error_log /var/log/nginx/error.log crit;
sendfile on;
tcp_nopush on;
keepalive_timeout 20;
client_header_timeout 20;
client_body_timeout 20;
reset_timedout_connection on;
send_timeout 20;
types_hash_max_size 2048;
gzip on;
gzip_disable "msie6";
gzip_proxied any;
gzip_min_length 256;
gzip_comp_level 4;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
server_names_hash_bucket_size 128;
include mime.conf;
charset UTF-8;
open_file_cache max=100000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
server_tokens off;
include proxy.conf;
include fcgi.conf;
include conf.d/*.conf;
include /etc/nginx.custom.d/*.conf;
}
conf.d / example-com.conf
server {
listen *:80;
listen *:443 ssl;
ssl_certificate /srv/example.com/example.com.unified.crt;
ssl_certificate_key /srv/example.com/example.com.key;
server_name example.com www.example.com;
access_log /var/log/nginx/example-com.access.log;
error_log /var/log/nginx/example-com.error.log;
root /srv/example.com/root;
index index.html index.htm index.php;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
gzip off;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fcgi.conf;
}
location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
}
}
Eu não entendo porque o HTTPS funciona e o HTTP não?
tentou alterar o aplicativo / octet-stream para text / html, mas não houve diferença alguma.
Eu tive o mesmo problema. Verifique sua diretiva de escuta para a porta 80. Ela não deve conter 'spdy' ou 'http2'
divida seus blocos de servidor (embora seja válido, recomendado a ser usado blocos separados).
(supondo que você quer apenas SSL, caso contrário copie o conteúdo.)
301 para SSL
server {
listen 80;
listen [::]:80;
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
.....
dividir com a mesma configuração
server {
listen *:80;
server_name example.com www.example.com;
access_log /var/log/nginx/example-com.access.log;
error_log /var/log/nginx/example-com.error.log;
root /srv/example.com/root;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
gzip off;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fcgi.conf;
}
location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
}
}
server {
listen *:443 ssl;
ssl_certificate /srv/example.com/example.com.unified.crt;
ssl_certificate_key /srv/example.com/example.com.key;
server_name example.com www.example.com;
access_log /var/log/nginx/example-com.access.log;
error_log /var/log/nginx/example-com.error.log;
root /srv/example.com/root;
index index.html index.htm index.php;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
gzip off;
fastcgi_keep_conn on;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fcgi.conf;
}
location ^~ \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
}
}
Tags nginx