请问站点https怎么配置的，比如访问https://a.fengfei.org/

[PowellMao]

请问站点https怎么配置的，比如访问https://a.fengfei.org/，证书是怎么配置的呢？在conf文件中没有体现啊，服务器上openresty启动的端口只有80和8081啊，没有监听443端口。

[ffay]

在nginx.conf里增加下面配置，重启即可
listen 443 ssl;
ssl on;
ssl_certificate your.crt;
ssl_certificate_key your.key;

[PowellMao]

server {
listen 80 default_server;
server_name localhost;

    listen       443 ssl;
   #server_name  localhost;

    ssl          on;
    ssl_certificate      /usr/local/openresty/nginx/sslkey/*****.crt;
    ssl_certificate_key  /usr/local/openresty/nginx/sslkey/****.key;

    ssl_session_timeout  5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ALL:!DH:!EXPORT:!RC4:+HIGH:+MEDIUM:-LOW:!aNULL:!eNULL;
    ssl_prefer_server_ciphers on;

    location / {
        set $backend_host '127.0.0.1';
        set $backend_port 80;
        set $newhost '';
        set $upstream 'http://servers';
        access_by_lua_block{
            local access = require "access"
            access.dispatch()
        }
        proxy_set_header Host $newhost;
        proxy_http_version 1.1;
        proxy_pass $upstream;
    }

访问https://a.fengfei.org/没问题，

http://a.fengfei.org/就报错了

400 Bad Request

The plain HTTP request was sent to HTTPS port
openresty/1.11.2.1

[ffay]

检查下是不是端口搞错了，不能向443端口发送明文的http请求，或者检查下你是不是把80端口也开启了ssl