NGINX +让我们加密:无法自动找到匹配的服务器块

时间:2018-12-17 23:58:55

标签: nginx lets-encrypt certbot nginx-config

我正在Ubuntu 18.04服务器上发布一个使用Python Pyramid创建的网站。该网站可以在HTTP上正常运行,现在我尝试通过遵循this article使其在HTTPS上运行,但是在尝试安装时却收到了以下消息:

IMPORTANT NOTES:
 - Unable to install the certificate
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dev.anything.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dev.anything.com/privkey.pem
   Your cert will expire on 2019-03-17. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"

这是我的配置文件,位于/etc/nginx/sites-available/snow_service.nginx上:

server {
    listen 80;
    listen 443 ssl;
    server_name dev.anything.com
    server_tokens off;
    ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;

    charset utf-8;
    client_max_body_size 1M;

    location /static {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
        expires 1d;
    }
    location / {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        try_files $uri @yourapplication;
    }
    location @yourapplication {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        server_tokens off;
        include uwsgi_params;
        proxy_set_header Host $host;
        proxy_set_header real_scheme $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://127.0.0.1:8999;
    }
}

我还尝试使用域名重命名该文件,但是它也无法正常工作。 我手动放置的ssl证书的路径,因为我在堆栈溢出的另一个答案中看到了它。

我想念什么?感谢您的帮助

2 个答案:

答案 0 :(得分:1)

启用站点中的文件应该只是指向可用站点中“实际”文件的链接。 您只应在可用站点中编辑它们,然后运行

cd / etc / nginx / sites-enabled ln -s ../ sites-available / your-site.conf

启用该网站。

如果要禁用该站点,只需删除启用站点的链接。

答案 1 :(得分:0)

这是解决方案: 我正在更改sites-available文件夹中的文件,而没有更改sites-enabled文件夹中的文件。这是最终的文件内容:

server {
    listen 80 default_server;
    server_name dev.anything.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    server_name elglobe_snow_service
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;

    charset utf-8;
    client_max_body_size 1M;

    location /static {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
        expires 1d;
    }
    location / {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        try_files $uri @yourapplication;
    }
    location @yourapplication {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        server_tokens off;
        include uwsgi_params;
        proxy_set_header Host $host;
        proxy_set_header real_scheme $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://127.0.0.1:8999;
    }
}
相关问题
最新问题