升级到HTTPS时,Nginx解析错误的主机

时间:2018-03-25 07:29:25

标签: nginx

我有3个 NGINX 主机,我只想在HTTPS上投放。其中两个正常工作,但其中一个解决了错误的主机。这是所有信息

Nginx虚拟主机

# cat alpha.domain-a.tld
server {
    listen 80;
    server_name alpha.domain-a.tld;

    return 301 https://alpha.domain-a.tld$request_uri;
}

server {
    listen 443;

    ssl on;
    ssl_certificate     /etc/nginx/certs/alpha.domain-a.tld.pem;
    ssl_certificate_key /etc/nginx/certs/alpha.domain-a.tld.key;

    ssl_client_certificate /etc/nginx/certs/cloudflare.crt;
    ssl_verify_client on;

    root /var/www/alpha.domain-a.tld/;
    index index.html;

    server_name alpha.domain-a.tld;

    location / {
        try_files $uri $uri/ $uri.html =404;
    }
}

# cat mike.domain-a.tld
server {
    listen 80;
    server_name mike.domain-a.tld;

    return 301 https://mike.domain-a.tld$request_uri;
}

server {
    listen 443;

    ssl on;
    ssl_certificate     /etc/nginx/certs/domain-a.tld.pem;
    ssl_certificate_key /etc/nginx/certs/domain-a.tld.key;

    ssl_client_certificate /etc/nginx/certs/cloudflare.crt;
    ssl_verify_client on;

    root /var/www/mike.domain-a.tld/;
    index index.html;

    server_name mike.domain-a.tld;

    location / {
        try_files $uri $uri/ $uri.html =404;
    }
}

# cat juliet.domain-b.tld
server {
    listen 80;
    server_name juliet.dommain-b.tld;

    return 301 https://juliet.domain-b.tld$request_uri;
}

server {
    listen 443;

    ssl on;
    ssl_certificate     /etc/nginx/certs/domain-b.tld.pem;
    ssl_certificate_key /etc/nginx/certs/domain-b.tld.key;

    ssl_client_certificate /etc/nginx/certs/cloudflare.crt;
    ssl_verify_client on;

    root /var/www/juliet.domain-b.tld;  
    index index.html;

    server_name juliet.domain-b.tld;

    location / {
        try_files $uri $uri/ $uri.html =404;
    }
}

Alpha和迈克正确解析,但是,当我尝试访问http://juliet时,它会将我重定向到alpha而不是https://juliet,如下所示:

# curl -I --resolve alpha.domain-a.tld:80:127.0.0.1 http://alpha.domain-a.tld/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: #OMMITED
Content-Type: text/html
Content-Length: #OMMITED
Connection: keep-alive
Location: https://alpha.domain-a.tld/

# curl -I --resolve mike.domain-a.tld:80:127.0.0.1 http://mike.domain-a.tld/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: #OMMITED
Content-Type: text/html
Content-Length: #OMMITED
Connection: keep-alive
Location: https://mike.domain-a.tld/

# curl -I --resolve juliet.domain-b.tld:80:127.0.0.1 http://juliet.domain-b.tld/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: #OMMITED
Content-Type: text/html
Content-Length: #OMMITED
Connection: keep-alive
Location: https://alpha.domain-a.tld/

有谁能帮我找出为什么juliet会解析第一个字母数字主机(alpha)而不是juliet?

1 个答案:

答案 0 :(得分:0)

看看juliet的server_name

# cat juliet.domain-b.tld
server {
    listen 80;
    server_name juliet.dommain-b.tld;

    return 301 https://juliet.dommain-b.tld$request_uri;
}

juliet.dommain-b.tld可能不存在?我认为你的curl命令是正确的(使用正确的url)但是在你的nginx配置中你写了错误的名字。您的nginx服务器不知道域,但dns请求正确解析到您的服务器,因此您的服务器返回您的nginx配置的第一个条目。