证书是阿里的免费证书。
ECS服务器配置如下:
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate,
# and that httpd will negotiate as the client of a proxied server.
# See the OpenSSL documentation for a complete list of ciphers, and
# ensure these follow appropriate best practices for this deployment.
# httpd 2.2.30, 2.4.13 and later force-disable aNULL, eNULL and EXP ciphers,
# while OpenSSL disabled these by default in 0.9.8zf/1.0.0r/1.0.1m/1.0.2a.
#SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GC$
SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4
# SSL Protocol support:
# List the protocol versions which clients are allowed to connect with.
# Disable SSLv2 and SSLv3 by default (cf. RFC 7525 3.1.1). TLSv1 (1.0)
# should be disabled as quickly as practical. By the end of 2016, only
# the TLSv1.2 protocol or later should remain in use.
#SSLProtocol all -SSLv2 -SSLv3
SSLProtocol -all +TLSv1 +TLSv1.1 +TLSv1.2
SSLProxyProtocol all -SSLv2 -SSLv3
网站的https链接可正常打开,并显示如下信息:
现象有两种
1、用户点击登录无任何反应。
2、用户点击登录出现错误(request:fail ssl handshake error)
有知道问题的大佬,求解答。。。
可以回帖留言,可联系微信:154178818 感激不尽~~~