针对"SSL证书错误"的自定义nginx错误页面; [英] Custom nginx error page for "The SSL certificate error"
问题描述
如果客户将选择过期的证书,则Nginx服务器将显示内置错误页面.
If the customer will choose the expired certificate, the nginx server will show the built-in error page.
<html>
<head><title>400 The SSL certificate error</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The SSL certificate error</center>
<hr><center>nginx</center>
</body>
</html>
如何捕获错误并向客户显示其他页面?
How can I catch the error and show the client a different page?
推荐答案
请参考 http://nginx.org/en/docs/http/ngx_http_ssl_module.html#errors
Please refer to http://nginx.org/en/docs/http/ngx_http_ssl_module.html#errors
为代码400定义错误页面将不起作用.工作方法是
Define an error page for code 400 will not work. The working approach is
server {
...
error_page 495 496 497 https://www.google.com;
...
}
因此,未能提交有效证书的用户将被重定向到google.com.当 ssl_verify_client
设置为 on
或 optional
时,这将起作用.
So a user failed to submit a valid certificate will be redirect to google.com. This will work when ssl_verify_client
is set to on
or optional
.
另一种方法仅在将 $ ssl_verify_client
设置为 optional
时有效,您可以使用 $ ssl_client_verify
进行重定向.
Another approach works only when $ssl_verify_client
is set to optional
, you could use $ssl_client_verify
for redirecting.
if ($ssl_client_verify = NONE) {
return 303 https://www.google.com;
}
将 $ ssl_verify_client
设置为 on
时,它将不起作用.
When $ssl_verify_client
is set to on
, it will not work.
这篇关于针对"SSL证书错误"的自定义nginx错误页面;的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!