为什么我的SSL证书在我的网站之间混合?

时间:2015-06-14 07:38:46

标签: ssl nginx


我正在为我的网络服务器使用nginx,并且我托管了3个主要网站,比如xyz.example.comabc.example.comexample.com本身。 example.comabc.example.com已经拥有SSL证书(两个PositiveSSL)。我买了另一个证书。对于第三个网站xyz.example.com 因此,问题是:当xyz.example.com与SSL一起使用时,example.com会返回NET::ERR_CERT_COMMON_NAME_INVALID,因为它会尝试使用xyz.example.com的证书(从Chrome中看到点击错误代码)。
当我从nginx xyz.example.com目录中删除sites-available的文件时,example.com重新开始工作(但显然xyz.example.com无法正常工作)。
这是我的两个nginx配置文件。 xyz.example.com:

server {
   listen 80;
   server_name xyz.example.com;
   rewrite ^/(.*) https://xyz.example.com/$1 permanent;
}

server {
   listen 443 ssl;

   server_name xyz.example.com;
   ssl_certificate /var/www/certs/xyz_example/cert_chain.crt;
   ssl_certificate_key /var/www/certs/xyz_example/key.key;

   root /var/www/xyz;
   index index.php;
   client_max_body_size 5m;

   location / {
         try_files $uri $uri/ /index.html;
   }
   location ~ \.php$ {
         try_files $uri =404;
         fastcgi_pass unix:/var/run/php5-fpm.sock;
         fastcgi_index index.php;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
         include fastcgi_params;
   }
}

example.com:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
add_header Strict-Transport-Security max-age=31536000;

server {
    listen 80;
    server_name example.com www.example.com;
    rewrite ^/(.*) https://example.com/$1 permanent;
}

server {
    listen 443 ssl;

    server_name www.example.com;
    ssl_certificate /var/www/certs/missaglialfio/cert_chain.crt;
    ssl_certificate_key /var/www/certs/missaglialfio/chiave.key;

    rewrite ^/(.*) https://example.com/$1 permanent;
}

server {
    listen 443 ssl;

    server_name example.com

    ssl_certificate /var/www/certs/example/cert_chain.crt;
    ssl_certificate_key /var/www/certs/example/key.key;

    root /usr/share/nginx/html;
    index index.html index.htm;

    client_max_body_size 10M;

    location / {
        proxy_pass http://localhost:2368;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_buffering off;
    } 
}

Soooh?问题出在哪儿? C.C
请注意,在尝试保护xyz.example.com之前,example.comabc.example.com一起工作正常(abc.example.com现在仍能正常工作)。 我已经重新下载了这两个证书。文件并重新捆绑。
我真的无法理解这一点......有人可以帮助我吗? 谢谢!

0 个答案:

没有答案
相关问题
最新问题