我想仅通过IP地址访问我的应用。我已经使用Forge安装了DigitalOcean Droplet,但是在Forge中,这表明我需要设置一个域来安装SSL证书。
是否可以在没有域的情况下执行此操作?
我认为,如果我创建一个“虚拟域”(例如example.com)并通过其IP地址访问我的应用程序,将无法正常工作吗?
是否是直接在Droplet上安装自签名证书的唯一选择?
编辑
我使用here指令为nginx配置了自签名证书。
当我使用其IP地址访问我的应用程序时,我现在收到nginx(不是Laravel应用程序)产生的404错误。该域仍然是默认域,并且在安装证书之前,该应用程序正在运行。
我猜我的/etc/nginx/sites-available/default文件中现在有什么冲突吗?
全部内容(仅删除了我的IP地址):
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/default/before/*;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name IP_ADDRESS_IS_HERE;
return 301 https://$server_name$request_uri;
root /home/forge/default/public;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/default/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/default-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
server {
# SSL configuration
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
include snippets/self-signed.conf;
include snippets/ssl-params.conf;
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/default/after/*;