问题
If the customer will choose the expired certificate, the nginx server will show the built-in error page.
<html>
<head><title>400 The SSL certificate error</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The SSL certificate error</center>
<hr><center>nginx</center>
</body>
</html>
How can I catch the error and show the client a different page?
回答1:
Please refer to http://nginx.org/en/docs/http/ngx_http_ssl_module.html#errors
Define an error page for code 400 will not work. The working approach is
server {
...
error_page 495 496 497 https://www.google.com;
...
}
So a user failed to submit a valid certificate will be redirect to google.com. This will work when ssl_verify_client is set to on or optional.
Another approach works only when $ssl_verify_client is set to optional, you could use $ssl_client_verify for redirecting.
if ($ssl_client_verify = NONE) {
return 303 https://www.google.com;
}
When $ssl_verify_client is set to on, it will not work.
回答2:
There is a way you can show the client a diffrent page. The way you do this is basically the same as stated above but instead you change the google website to a page that you created:
server {
...
error_page 495 496 497 /error400.html;
...
}
Just be sure to include all you're custom pages in each server instance.
来源:https://stackoverflow.com/questions/33560256/custom-nginx-error-page-for-the-ssl-certificate-error