ПРОЕКТЫ 


  АРХИВ 


Apache-Talk @lexa.ru 

Inet-Admins @info.east.ru 

Filmscanners @halftone.co.uk 

Security-alerts @yandex-team.ru 

nginx-ru @sysoev.ru 


  СТАТЬИ 


  ПЕРСОНАЛЬНОЕ 


  ПРОГРАММЫ 



ПИШИТЕ
ПИСЬМА












     АРХИВ :: nginx-ru
Nginx-ru mailing list archive (nginx-ru@sysoev.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

nginx + ssl + IE8


  • To: nginx-ru@xxxxxxxxx
  • Subject: nginx + ssl + IE8
  • From: Sergey Arlashin <s.arlashin@xxxxxxxxx>
  • Date: Mon, 17 May 2010 23:56:10 +0400
  • Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:reply-to:from :date:message-id:subject:to:content-type; bh=XHaLarE2ngXj4BVgLFC+IwlI9Xh55TbssANME7t+jiw=; b=El0HCi85zaBYoQws50/7uu7zB4Xb7diD6/dAnzi5Idw5nalX4iCROcdChmIRu98M2f w17bVOWcd1RGQg/R4DMSG4aUG7DTRvdptJhLBOptpVN4NDDSkItAcSdGvIj7ByJp4JDW 2c9yam+pfSEsu3WPpz4TbZZ0t0kcSkMHWly5g=
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:reply-to:from:date:message-id:subject:to:content-type; b=Zf115jlrqpvGRd8npbewHENhlMjhnZEI0TaIHgUkO4EvXiElYMQI+XOlUKhFkQ3F9M JJVzsQOmUJF99OvCjLIufNd+24hcCq2/XgYgaRrkTXfth1+tA3N1b/it8KSCi3uDRevi T1dfjzwTSh7XenCWriGsJRfZtc9E+wdFkhY9w=
  • Resent-date: Tue, 18 May 2010 00:11:15 +0400
  • Resent-date: Tue, 18 May 2010 00:11:15 +0400
  • Resent-from: Igor Sysoev <igor@xxxxxxxxx>
  • Resent-message-id: <20100517201115.GA74827@xxxxxxxxxxxxx>
  • Resent-to: nginx-ru@xxxxxxxxx

Здравствуйте!
При обращении по HTTPS на сервер c nginx  (nginx/0.8.35) IE8 выдает следующее предупреждение:

Do you want to view only the webpage content that was delivered securely?
This webpage contains content that will not be delivered using a secure HTTPS connection, which could compromise the security of the entire webpage.
yes/no

При использовании apache IE8 такое предупреждение не выдает. В других браузерах (Firefox, Opera) такого предупреждения также нет.

Конфигурация секция nginx, описывающая хост, доступный по HTTPS

    server {
        listen                    443;
        include                   /etc/nginx/rewrite.nginx.conf;

        location ~* \.(jpg|jpeg|gif|avi|flv|mp3|doc|xml|htm|html|txt|png|ico|css|bmp|js|swf)$ {
            root /usr/local/www/apache22/data/;
        }

        ssl                       on;
        ssl_protocols             SSLv3 TLSv1;
        ssl_ciphers               AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
        ssl_verify_client         optional;
        ssl_certificate           /etc/apache2/ssl/server.crt;
        ssl_certificate_key       /etc/apache2/ssl/server.key;
        ssl_client_certificate    /etc/apache2/ssl/ca.crt;
        ssl_session_cache         shared:SSL:10m;
        ssl_verify_depth          1;
        ssl_session_timeout       10m;

        location / {
            proxy_pass            http://127.0.0.1:8080/;
            proxy_redirect             off;

            proxy_set_header           Host             $host;
            proxy_set_header           X-Real-IP        $remote_addr;

            client_max_body_size       250m;
            client_body_buffer_size    128k;

            client_body_temp_path      /var/lib/nginx/tmp/;

            proxy_connect_timeout      180;
            proxy_send_timeout         180;
            proxy_read_timeout         180;

            proxy_buffer_size          4k;
            proxy_buffers              4 32k;
            proxy_busy_buffers_size    64k;
            proxy_temp_file_write_size 64k;

            proxy_temp_path            /var/lib/nginx/tmp/;

            charset                    utf-8;

        }
    }

В чем может быть проблема?

----
С уважением, Сергей
_______________________________________________
nginx-ru mailing list
nginx-ru@xxxxxxxxx
http://nginx.org/mailman/listinfo/nginx-ru


 




Copyright © Lexa Software, 1996-2009.