我在Ubantu 18.10中使用“让我们加密”创建了SSL证书。请按照以下文档创建SSL证书。
https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates/
我检查是否成功创建了SSL证书。我已使用以下命令对其进行测试。
openssl verify chain.pem openssl verify -CAfile chain.pem cert.pem
我还检查了ssl连接及其显示是否已连接
openssl s_client -connect example.com:443 -servername example.com
Output
CONNECTED(00000005)
depth=2 C = IE, O = Baltimore, OU = CyberTrust, CN = Baltimore CyberTrust Root
verify return:1
depth=1 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = CloudFlare Inc ECC CA-2
verify return:1
depth=0 C = US, ST = CA, L = San Francisco, O = "CloudFlare, Inc.", CN = sni.cloudflaressl.com
verify return:1
Nginx配置文件
server {
listen 443 ssl;
listen [::]:443 default_server;
# listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
server_name example.com www.example.com;
root /var/www/html/example.com/public_html;
location / {
proxy_pass https://33.34.34.64:443;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
但是网站无法正常工作,但出现525错误(SSL握手失败)。在cloudflare中,““通用SSL有效”
任何人请提出可能的解决方案来解决此问题?
谢谢