我对nginx非常陌生,尝试在我的网站上使用宏伟的letsencrypt添加SSL,并帮助this tutorial
我有我的文件:/etc/nginx/sites-available/staging.example.com.conf,其中包含:
server {
listen 443 ssl;
server_name staging.example.com;
ssl_certificate /etc/letsencrypt/live/staging.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/staging.example.com/privkey.pem;
access_log /var/log/nginx/staging.example.com.access.log;
error_log /var/log/nginx/staging.example.com.error.log;
location ~ \.(css|js|gif|jpg|png|html|svg|gz|ttf|otf|eot|woff|ico)$ {
root /vagrant/www/current/public;
expires 10d;
gzip_static on;
gzip_vary on;
}
error_page 502 /502.html;
}
server {
listen 80;
server_name staging.example.com;
return 301 https://$host$request_uri;
}
在/vagrant/www/current/public中,我有test.html。
如果我cURL http://staging.example.com/test.html,我会:
<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.9.3</center>
</body>
</html>
但如果我cURL https://staging.example.com/test.html我得到curl: (7) Failed to connect to staging.mojjo.fr port 443: Connection timed out
无法找到任何日志或其他内容(/var/log/nginx/staging.example.com.error.log不包含任何内容)。我知道在哪里可以找到相关信息吗?
感觉端口80规则有效,但listen 443 ssl赢了。
使用nginx version: nginx/1.9.3
有人可以帮忙吗?谢谢
答案 0 :(得分:2)
可能您的端口443未打开。您可以对HTTP和HTTPS使用单个server定义:
server {
listen 80;
listen 443 ssl;
...
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
}