关于目前对HTTPS SSL的支持？

[HuYihe2008]

我在使用nginx-http-flv-module时，在配置完成后尝试打开SSL，访问推流发现405NotAllow，是否是模块不支持https

先决条件

环境：宝塔Nginx1.21.4 OS：centOS stream 8 模块绑定：已绑定域名

nginx的config文件：

user www www; worker_processes auto; error_log /www/wwwlogs/nginx_error.log crit; pid /www/server/nginx/logs/nginx.pid; worker_rlimit_nofile 51200;

stream { log_format tcp_format '$time_local|$remote_addr|$protocol|$status|$bytes_sent|$bytes_received|$session_time|$upstream_addr|$upstream_bytes_sent|$upstream_bytes_received|$upstream_connect_time';

access_log /www/wwwlogs/tcp-access.log tcp_format;
error_log /www/wwwlogs/tcp-error.log;
include /www/server/panel/vhost/nginx/tcp/*.conf;

}

events { use epoll; worker_connections 51200; multi_accept on; }

http { include mime.types;

include luawaf.conf;

    include proxy.conf;

    default_type  application/octet-stream;

    server_names_hash_bucket_size 512;
    client_header_buffer_size 32k;
    large_client_header_buffers 4 32k;
    client_max_body_size 50m;

    sendfile   on;
    tcp_nopush on;

    keepalive_timeout 60;

    tcp_nodelay on;

    fastcgi_connect_timeout 300;
    fastcgi_send_timeout 300;
    fastcgi_read_timeout 300;
    fastcgi_buffer_size 64k;
    fastcgi_buffers 4 64k;
    fastcgi_busy_buffers_size 128k;
    fastcgi_temp_file_write_size 256k;
    fastcgi_intercept_errors on;

    gzip on;
    gzip_min_length  1k;
    gzip_buffers     4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    gzip_types     text/plain application/javascript application/x-javascript text/javascript text/css application/xml;
    gzip_vary on;
    gzip_proxied   expired no-cache no-store private auth;
    gzip_disable   "MSIE [1-6]\.";

    limit_conn_zone $binary_remote_addr zone=perip:10m;
    limit_conn_zone $server_name zone=perserver:10m;

    server_tokens off;
    access_log off;

server { listen 888; server_name phpmyadmin; index index.html index.htm index.php; root /www/server/phpmyadmin;

    #error_page   404   /404.html;
    include enable-php.conf;

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
        expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
        expires      12h;
    }

    location ~ /\.
    {
        deny all;
    }

    access_log  /www/wwwlogs/access.log;
}

include /www/server/panel/vhost/nginx/*.conf; }

rtmp_auto_push on; rtmp_auto_push_reconnect 1s;

rtmp { out_queue 4096; chunk_size 512; out_cork 8; max_streams 128; timeout 30s; idle_streams off; drop_idle_publisher 30s;

server {
    listen 1935 reuseport;
    server_name live.cscfsx.com;

    application myapp {
        live on;
        #gop_cache on; 
    }
}

}

网站的nginx config文件：

server { listen 80 reuseport; listen 443 reuseport ssl http2; server_name live.cscfsx.com; index index.php index.html index.htm default.php default.htm default.html; root /ssd/live.cscfsx.com;

#SSL-START SSL相关配置，请勿删除或修改下一行带注释的404规则
#error_page 404/404.html;

ssl_certificate    /www/server/panel/vhost/cert/live.cscfsx.com/fullchain.pem;
ssl_certificate_key    /www/server/panel/vhost/cert/live.cscfsx.com/privkey.pem;

ssl_session_cache shared:HTTP_LIVE:5m;
ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location /live {
        flv_live on; 
        chunked_transfer_encoding on; 

        add_header 'Access-Control-Allow-Origin' '*'; 
        add_header 'Access-Control-Allow-Credentials' 'true'; 

        add_header 'Cache-Control' 'no-store';
    }

#location /ws {
#        websocket on srv_ping_interval=5s cli_ping_interval=500ms srv_ping_timeout=30s;
#        ws_live on;
#        frame_size 512;
#    }

location /stat {
        rtmp_stat all;
        #rtmp_stat_format json;
        rtmp_stat_stylesheet stat.xsl;
    }

location /stat.xsl {
        root /ssd/live.cscfsx.com; 
    }
location /control {
        rtmp_control all; 
    }
location /hls{
    root /ssd/live.cscfsx.com/tmp;
    autoindex on;

    types {
      application/vnd.apple.mpegurl m3u8;
    }

    add_header 'Cache-Control' 'no-store';
    add_header 'Access-Control-Allow-Origin' '*'; 
}

#SSL-END

#ERROR-PAGE-START  错误页配置，可以注释、删除或修改
#error_page 404 /404.html;
#error_page 502 /502.html;
#ERROR-PAGE-END

#PHP-INFO-START  PHP引用配置，可以注释或修改
include enable-php-74.conf;
#PHP-INFO-END

#REWRITE-START URL重写规则引用,修改后将导致面板设置的伪静态规则失效
include /www/server/panel/vhost/rewrite/live.cscfsx.com.conf;
#REWRITE-END

#禁止访问的文件或目录
location ~ ^/(\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)
{
    return 404;
}

#一键申请SSL证书验证目录相关设置
location ~ \.well-known{
    allow all;
}

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
    expires      30d;
    error_log /dev/null;
    access_log /dev/null;
}

location ~ .*\.(js|css)?$
{
    expires      12h;
    error_log /dev/null;
    access_log /dev/null; 
}
access_log  /www/wwwlogs/live.cscfsx.com.log;
error_log  /www/wwwlogs/live.cscfsx.com.error.log;

}

开启https后的截图

另外

关于拉流无法在大多数支持flv的网页播放器播放，是否有解决办法？ 关于在拉流时发现音频出现电流音，是否与我的服务器带宽有关，带宽为30mbps，服务器的核心数量为28

[winshining]

绝大多数 http2 实现都是加密的，本模块不支持 http2。 Most of http2 implementations are encrypted, this module does not support http2.

[HuYihe2008]

绝大多数 http2 实现都是加密的，本模块不支持 http2。 Most of http implementations are encrypted, this module does not support http2.

那如何解决我无法使用https的问题？

[winshining]

@HuYihe2008 在配置文件里注释掉 http2 即可。