HTTPS到HTTPS重定向Nginx

时间:2015-09-07 08:05:27

标签: redirect nginx

如何将HTTPS重定向到另一个HTTPS(我只为一个域获得一个SSL证书)?

例如,如何从https://example.org重定向到https://example.com

我已经尝试搜索Google和其他论坛,但我找不到任何工作。

这是我完整的nginx文件:http://pastebin.com/XCQ3i0HT

2 个答案:

答案 0 :(得分:1)

这很容易做到:

server {
    listen       443 ssl;
    server_name  example.org;
    return       301 http://www.example.com$request_uri;
}

参见the docs,它描述了重写和301重定向之间的区别(自Nginx 0.9.1起推荐)

更新:

http {
    ssl_certificate /etc/nginx/ssl/example.com/10599/server.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/10599/server.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/ssl/dhparams.pem;


    server {
        listen       80;
        listen       443 ssl;
        server_name  example.eu www.example.eu example.org www.example.org www.example.com;
        return       301 https://example.com$request_uri;
    }


    server {
        listen 443 ssl;
        server_name example.com;
        root /home/forge/example.com;

        index index.html index.htm index.php;

        client_max_body_size 20m;

        charset utf-8;

        location / {
            try_files $uri $uri/ /index.php?$query_string;
        }

        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt  { access_log off; log_not_found off; }

        access_log off;
        error_log  /var/log/nginx/example.com-error.log error;

        error_page 404 /index.php;

        location ~ \.php$ {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            fastcgi_pass unix:/var/run/php5-fpm.sock;
            fastcgi_index index.php;
            include fastcgi_params;
        }

        location ~ /\.ht {
            deny all;
        }
    }

}

答案 1 :(得分:0)

以下代码对我来说正常工作。 

server {
    listen      80;
    server_name example.com;
    rewrite     ^   https://$server_name$request_uri? permanent;
}

“重写”会强制更新重定向规则。

步骤: 

1.Add above code in ngnix filename.conf below the server name
2.sudo service ngnix restart
3.Remove rewrite     ^   https://$server_name$request_uri? permanent;
4.sudo service ngnix restart

示例 

server {
  listen 80;
  server_name example.com;
  rewrite     ^   https://$server_name$request_uri? permanent;

  root /home/ubuntu/example/dist;

  try_files $uri $uri/ /index.html;

  location /api/ {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:3012/;
  }

  listen 443 ssl;
  ssl_certificate /etc/ssl/example/certificate.crt;
  ssl_certificate_key /etc/ssl/example/private.key;
}
相关问题
最新问题