Cloudflare Rails SSL错误 [英] Cloudflare Rails SSL error

问题描述

我在ubuntu服务器的nginx上运行了可以正常工作的Rails应用程序.我在应用程序上添加了Cloudflare.然后，我在需要登录的页面上收到此错误:

I had a fully working Rails app running on nginx in a ubuntu server. I added Cloudflare on my app. Then, I am getting this error on pages that require sign in:

SSL connection error
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error code: ERR_SSL_PROTOCOL_ERROR

可以从登录页面和其他非交互式静态页面访问我的网站.

My site is accessible from the landing page and other non-interactive static pages.

我还注意到，当它重定向到错误页面时，DNS成为URL上的IP地址，之后是适当的目录.

I also noticed that when it redirects to the error page, the DNS becomes the IP address on the URL, followed by the appropriate directory afterwards.

我不知所措.

此外，当我查看URL上的网站信息时，它说

In addition, when I view site information on the URL, it says

The identity of this website has not been verified.

推荐答案

这是因为您网站的Nginx配置没有启用任何密码套件，CloudFlare可以使用这些密码套件连接到您的网站.这也可能意味着您的SSL配置不安全.

This is because the Nginx configuration of your site doesn't have any cipher suites enabled which CloudFlare can use to connect to your site. This will also likely mean your SSL configuration isn't secure.

您应该使SSL配置与CloudFlare的配置保持一致，幸运的是，CloudFlare会发布其在Nginx配置中使用的密码.只需将其添加到您的Nginx SSL配置中，删除具有相同名称的属性:

You should make your SSL configuration inline with that of CloudFlare, fortunately CloudFlare publish the ciphers they use in their Nginx configuration. Simply add this to your Nginx SSL configuration, removing properties with the same name:

ssl_protocols               TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers                 EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers   on;

这篇关于Cloudflare Rails SSL错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！