我根据提供的文档和网上提供的文章配置了我的nginx。它没有完全专门用于http到https。 我尝试了不同的更改,但仍然无法成功执行...请看一下。
几点意见:我的。 nodejs app正在端口3000上运行。 幽灵博客运行于2368年。
HTTP — redirect all traffic to HTTPS
server {
listen 80;
server_name domainname.com www.domainname.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name www.domainname.com;
error_page 497 https://www.domainname.com$request_uri;
ssl_certificate /etc/letsencrypt/live/domainname.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domainname.com/privkey.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers KEY_HERE;
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
## verify chain of trust of OCSP response using Root CA and Intermediate certs
# ssl_trusted_certificate /etc/ssl/certs/dhparam.pem;
resolver 8.8.8.8;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location /blog {
proxy_pass http://localhost:2368;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
答案 0 :(得分:0)
我建议你这样做:
location / {
return 301 https://$host$request_uri;
}
答案 1 :(得分:0)
此问题已得到解决。
nginx配置一切正常。问题出在Google控制台平台上。 GCP配置中有一个复选框,其名称为“允许HTTP流量”,默认情况下未选中。我做了改变,开始工作了。谢谢你的回复。