在http上使用uwsgi + nginx的Django,但一旦我在443上添加了listen并在ssl上添加了;不再工作了

时间:2018-10-25 13:31:29

标签: django ssl nginx https

我正在尝试使我的网站正常运行,并且它在http上可以正常工作,但是当使用ssl证书和https时,我在/etc/nginx/sites-available/drlandivar.conf中添加了443和ssl的监听功能,它说连接不安全。

(它的3个域,指向一个项目)

这是我的/etc/nginx/sites-available/drlandivar.conf 

    upstream django {
    server 0.0.0.0:8080;
}

server {
    listen 80;
    server_name drlandivar.com www.drlandivar.com;
    return  301 https://drlandivar.com$request_uri;
}
server {
    listen 80;
    server_name doutorlandivar.com www.doutorlandivar.com;
    return  301 https://doutorlandivar.com$request_uri;
}

server {
    listen 80;
    server_name doctorlandivar.com www.doctorlandivar.com;
    return  301 https://doctorlandivar.com$request_uri;
}


server {
    listen 443;
    server_name drlandivar.com www.drlandivar.com;
    charset     utf-8;

    client_max_body_size 75M;   # adjust to taste

    ssl on;
    ssl_certificate /etc/nginx/ssl/drlandivar.com/server.crt;
    ssl_certificate_key /etc/nginx/ssl/drlandivar.com/server.key;

    location /media  {
        alias /opt/virtualenv/landivarpj/media;  
    }

    location /static {
        alias /opt/virtualenv/landivarpj/static; 
    }

    location / {
    include /opt/virtualenv/landivarpj/uwsgi_params;
    proxy_pass https://django;
    proxy_redirect off;
    include proxy_params;
    }
}

server {
    listen 443;
    server_name doutorlandivar.com www.doutorlandivar.com;
    charset     utf-8;

    client_max_body_size 75M;   # adjust to taste

    ssl on;
    ssl_certificate /etc/nginx/ssl/doutorlandivar.com/server.crt;
    ssl_certificate_key /etc/nginx/ssl/doutorlandivar.com/server.key;

    location /media  {
        alias /opt/virtualenv/landivarpj/media;  
    }

    location /static {
        alias /opt/virtualenv/landivarpj/static; 
    }

    location / {
    include /opt/virtualenv/landivarpj/uwsgi_params;
    proxy_pass https://django;
    proxy_redirect off;
    include proxy_params;
    }
}


server {
    listen 443;
    server_name doctorlandivar.com www.doctorlandivar.com;
    charset     utf-8;

    client_max_body_size 75M;   # adjust to taste

    ssl on;
    ssl_certificate /etc/nginx/ssl/doctorlandivar.com/server.crt;
    ssl_certificate_key /etc/nginx/ssl/doctorlandivar.com/server.key;

    location /media  {
        alias /opt/virtualenv/landivarpj/media;  
    }

    location /static {
        alias /opt/virtualenv/landivarpj/static; 
    }

    location / {
    include /opt/virtualenv/landivarpj/uwsgi_params;
    proxy_pass https://django;
    proxy_redirect off;
    include proxy_params;
    }
}

我的/ etc / nginx / proxy_params 

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;

在我的django项目中,我的设置如下:

SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

我认为proxy_params或proxy_pass https://django中存在问题;

致谢

2 个答案:

答案 0 :(得分:0)

proxy_pass https://django; #此设置可能是错误的。

在普通的uwsgi服务中,使用uwsgi协议服务时,可以使用uwsgi_pass,并且一台服务器不需要上游,上游协议可能是错误的,肯定不是https。

您的网址设置顺序也是错误的,nginx网址匹配顺序是相反的。 对不起,我的英语不好。

答案 1 :(得分:0)

哎呀,问题出在我的ssl证书上,而他们的自签名证书和firefox却不接受它们,用let加密做新的ssl确实解决了我的问题

相关问题
最新问题