我正在尝试使用https://github.com/dmathieu/sabayon为heroku上的php应用设置let-encrypt Sabayon提供了一个示例,用于重新定向带有Apache的 acme-challenge 调用来自allow-encrypt:https://github.com/dmathieu/sabayon#php-apps
我试图把它翻译成Nginx,但我不能让它在Heroku上工作 在当地它工作正常。
我试过了:
location ~ ^/.well-known/acme-challenge/(.*)$ {
if (!-e $request_filename){
rewrite ^(.*)$ /.well-known/acme-challenge/index.php?q=$1 last;
break;
}
}
location ~ \.php$ {
try_files @heroku-fcgi @heroku-fcgi;
}
但这导致PHP代码作为下载文件。
我也尝试过:
location /.well-known/acme-challenge/ {
# try to serve file directly, fallback to rewrite
try_files $uri @rewriteapp;
}
location @rewriteapp {
rewrite ^(.*)$ /.well-known/acme-challenge/index.php/$1 last;
}
location ~ \.php$ {
try_files @heroku-fcgi @heroku-fcgi;
}
这导致403。
更新
我刚刚发现403是由.well-known/acme-challenge中的点引起的。
如何做到这一点?
答案 0 :(得分:0)
有几件事要照顾:
.well-known可访问所以这最终对我有用:
location ^~ /.well-known/acme-challenge/ {
allow all;
# try to serve file directly, fallback to rewrite
try_files $uri @rewriteacme;
}
location @rewriteacme {
rewrite ^(.*)$ /.well-known/acme-challenge/index.php/$1 last;
}
location ^~ /.well-known/acme-challenge/index.php {
try_files @heroku-fcgi @heroku-fcgi;
internal;
}