nginx 环境下http和https(ssl)共存的方法

80 443喘口共存之前是没问题的,但这次突然发现了这样的问题,htpps可以访问,但http不能访问会反回400

1xx.6x.x9.x8 - - [19/Jun/2017:16:04:28 +0800] "GET /beehive/wec.xml HTTP/1.1" 400 683 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0"

 之前的配置:

#app调试
upstream test-appsrv_pools {
        server 11.100.98.100:8040;
        check interval=3000 rise=2 fall=3 timeout=2000;
 }
#
server {
    listen 80;
    listen 443;
    server_name test.xxxx.com;
    ssl on;
    ssl_certificate /etc/cert/xxx673140913.pem;
    ssl_certificate_key /etc/cert/xxx78673140913.key;
    #ssl_session_cache shared:SSL:1m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_protocols TLSv1.2 TLSv1.1;
    #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://test-appsrv_pools;
        #proxy_set_header Host                  $host;
        #proxy_set_header X-Real-IP             $remote_addr;
        #proxy_set_header X-Forwarded-For       $proxy_add_x_forwarded_for;
    }
 }

 上面这种配置之前是没有问题的:

#app调试
upstream test-appsrv_pools {
        server 11.10.200.160:8040;
        check interval=3000 rise=2 fall=3 timeout=2000;
 }
#
server {
    listen 80;
    listen 443 ssl;
    server_name test.xxxx.com;
    #ssl on;
    ssl_certificate /etc/cert/xx3978673140913.pem;
    ssl_certificate_key /etc/cert/xxx3978673140913.key;
    #ssl_session_cache shared:SSL:1m;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_protocols SSLv2 SSLv3 TLSv1;
    ssl_protocols TLSv1.2 TLSv1.1;
    #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
    location / {
        proxy_pass http://test-appsrv_pools;
        #proxy_set_header Host                  $host;
        #proxy_set_header X-Real-IP             $remote_addr;
        #proxy_set_header X-Forwarded-For       $proxy_add_x_forwarded_for;
    }
 }

 把ssl on;注掉,再把 443 后面加上ssl;

如上面的配置 ,问题解决