我在Debian服务器上运行Gunicorn 19.0以服务于Django 1.8站点。我也在运行nginx来提供网站的静态资产。
我的DNS由Gandi管理,我在服务器前面有CloudFlare。该网站在HTTP上运行愉快。现在我想通过HTTPS提供服务。我的问题是关于如何解决这个问题。
我已经following Gandi's instructions生成了证书。现在我的服务器上有一个server.csr和一个myserver.key文件。
我有一个运行Gunicorn的脚本,我已将其修改为指向这些证书文件:
exec gunicorn ${DJANGO_WSGI_MODULE}:application \
--certfile=/home/me/server.csr
--keyfile=/home/me/myserver.key
--name $NAME \
--workers $NUM_WORKERS \
--user=$USER --group=$GROUP \
--bind=unix:$SOCKFILE \
--log-level=debug \
--log-file=-
脚本似乎像往常一样干净利落地运行,但现在如果我转到https://example.com或http://example.com则没有任何内容(分别为521和404)。
我需要执行额外的步骤吗?
Gunicorn日志显示以下内容:
Starting myapp as hello
[2015-06-25 10:28:18 +0000] [11331] [INFO] Starting gunicorn 19.3.0
[2015-06-25 10:28:18 +0000] [11331] [ERROR] Connection in use: ('127.0.0.1', 8000)
[2015-06-25 10:28:18 +0000] [11331] [ERROR] Retrying in 1 second.
[2015-06-25 10:28:19 +0000] [11331] [ERROR] Connection in use: ('127.0.0.1', 8000)
[2015-06-25 10:28:19 +0000] [11331] [ERROR] Retrying in 1 second.
[2015-06-25 10:28:20 +0000] [11331] [ERROR] Connection in use: ('127.0.0.1', 8000)
[2015-06-25 10:28:20 +0000] [11331] [ERROR] Retrying in 1 second.
[2015-06-25 10:28:21 +0000] [11331] [ERROR] Connection in use: ('127.0.0.1', 8000)
[2015-06-25 10:28:21 +0000] [11331] [ERROR] Retrying in 1 second.
[2015-06-25 10:28:22 +0000] [11331] [ERROR] Connection in use: ('127.0.0.1', 8000)
[2015-06-25 10:28:22 +0000] [11331] [ERROR] Retrying in 1 second.
[2015-06-25 10:28:23 +0000] [11331] [ERROR] Can't connect to ('127.0.0.1', 8000)
/bin/bash: warning: setlocale: LC_ALL: cannot change locale (en_US)
我也很困惑,因为大多数枪支示例都谈论.crt个文件,但我只有一个.csr文件。
答案 0 :(得分:1)
以上评论中@SteveKlein所说的内容:
SSL should be set up in your NGINX config, not your Gunicorn one.
When you set up NGINX, you'll need to decide if you want to serve
both plain text and SSL or redirect everything to SSL.