我在gunicorn中设置了多个本地内部应用,并使用面向公众的nginx服务器(在vagrant实例内部,尽管这对于这个特定问题可能并不重要)。在我的SSL handshake文件中,以下任何一个应用的/var/log/nginx/error.log错误都显示如下:
2019/03/27 22:38:24 [info] 4710#4710: *30 SSL_do_handshake() failed (SSL: error:14094415:SSL routines:ssl3_read_bytes:sslv3 alert certificate expired:SSL alert number 45) while SSL handshaking, client: 192.168.33.1, server: 0.0.0.0:443
我想知道是否有可能代替指定的0.0.0.0:443来显示我指定的任何一个域的server_name(在下面的服务器配置中为domain.com)在他们的.conf文件中。我的其中一台服务器的简单配置在nginx.conf文件中如下所示:
server {
# listen on port 443 (https)
listen 443 ssl;
server_name domain.com;
# location of the self-signed SSL certificate
ssl_certificate /home/ubuntu/microblog/certs/cert.pem;
ssl_certificate_key /home/ubuntu/microblog/certs/key.pem;
# write access and error logs to /var/log
access_log /var/log/microblog_access.log;
error_log /var/log/microblog_error.log;
location / {
# forward application requests to the gunicorn server
proxy_pass http://localhost:8000;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /static {
# handle static files directly, without forwarding to the application
alias /home/ubuntu/microblog/app/static;
expires 30d;
}
}