LetsEncrypt - VirtualMin - Nginx:更改根文件夹

时间:2017-08-30 09:20:09

标签: php nginx lets-encrypt webmin

我在ubuntu 16.04上第一次使用virtualmin。我的网站根文件夹位于:

的public_html / SITE1

所以当我使用let的加密时 - 它会在public_html

中生成密钥文件

但是无法访问它:domain.com/.well-know /...

错误:

Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying example.com...
Wrote file to /home/example/public_html/.well-known/acme-challenge/uRAt9PdzbO8nyt1wClsB4KX04JG80qFluSXGs, but couldn't download http://example.com/.well-known/acme-challenge/uRAt9PdzbO8nyt1wClsB4KX04JG80qFluSXGs
Traceback (most recent call last):
  File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
    main(sys.argv[1:])
  File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
    signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
  File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
    domain, challenge_status))
ValueError: example.com challenge did not pass:

我正在使用NGINX,我在启用网站的conf中有这个:

server {
    server_name .azure.com; 
    return 301 http://www.example.com$request_uri;
}

server {

    server_name example.com www.example.com;
    listen 10.0.1.4;
    root /home/example/public_html/public;
    index index.html index.php;
    access_log /var/log/virtualmin/example.com_access_log;
    error_log /var/log/virtualmin/example.com_error_log;
    fastcgi_param GATEWAY_INTERFACE CGI/1.1;
    fastcgi_param SERVER_SOFTWARE nginx;
    fastcgi_param QUERY_STRING $query_string;
    fastcgi_param REQUEST_METHOD $request_method;
    fastcgi_param CONTENT_TYPE $content_type;
    fastcgi_param CONTENT_LENGTH $content_length;
    fastcgi_param SCRIPT_FILENAME /home/example/public_html/public$fastcgi_script_name;
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    fastcgi_param REQUEST_URI $request_uri;
    fastcgi_param DOCUMENT_URI $document_uri;
    fastcgi_param DOCUMENT_ROOT /home/example/public_html/public;
    fastcgi_param SERVER_PROTOCOL $server_protocol;
    fastcgi_param REMOTE_ADDR $remote_addr;
    fastcgi_param REMOTE_PORT $remote_port;
    fastcgi_param SERVER_ADDR $server_addr;
    fastcgi_param SERVER_PORT $server_port;
    fastcgi_param SERVER_NAME $server_name;
    fastcgi_param HTTPS $https;

    location / 
    {
        try_files $uri $uri/ /index.php?$query_string;
        gzip on;
    }

    location ~* \.(?:css|js|woff|eot|svg|ttf|otf|png|gif|jpe?g) 
    {
        expires max;
    }

    location ~ \.php$ 
    {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }

    location ~ /\.ht 
    {
        deny all;
    }

    location ^~ /public/.well-known/acme-challenge/ {

        default_type "text/plain";
        root /var/www/letsencrypt;
    }

    listen 10.0.1.4:443 default_server ssl;
    ssl_certificate /home/example/ssl.cert;
    ssl_certificate_key /home/example/ssl.key;
}

任何想法如何解决?

3 个答案:

答案 0 :(得分:2)

我知道如何解决它。您必须在虚拟主机中注释一行。

#RedirectMatch /(?!.well-known)(.*)$ https://example.com/$1

Note: Remember to replace example.com with your own domain name.

然后再次请求证书,并删除虚拟主机中的注释“#”,一切正常。

我想这是一个错误...

我希望这能解决您的问题。

答案 1 :(得分:0)

试试这个

   location ^~ /.well-known/acme-challenge/ {
         alias /home/example/public_html/;
         try_files $uri $uri/ =404;
    }

答案 2 :(得分:0)

该解决方案在Linux上很简单,只需创建一个符号链接,将public_html / .well-known从public_html / public / .well-known定位为目标

cd /home/{user}/public_html

# Skip this step if the directory already exists
mkdir -p .well-known/acme-challenge

# the user and group are the same in case of virtualmin
chown {user}:{group} .well-known

cd public

ln -s ../.well-known .well-known

# To verify
ls -la

输出应如下所示

enter image description here

Source

相关问题
最新问题