Question

我想向我的Django应用添加ssl证书。我遵循了tutorial，因此域的nginx配置已更改，但现在看来生成的证书不正确。

修改certbot之前的nginx conf

server {
    listen 80;
    listen [::]:80;
    server_name doamin.com www.domain.com;


    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/poul3r/doamin.com;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }
}

以及certbot操作之后

server {
    server_name doamin.com www.doamin.com;


    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        root /home/poul3r/doamin.com;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }



    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/doamin.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/doamin.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}



server {
    if ($host = doamin.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name doamin.com www.doamin.com;
    return 404; # managed by Certbot
}

在执行letencypt期间我做错了什么或可能出错了？

Answer 1

我已经找到解决此问题的方法。基于solution的信息，我意识到nginx上还有一个应用没有ssl认证，但重定向到443。当我将其配置更改为仅侦听80时，第一个域可以正常工作。

无法使用LetsEncrypt证书连接到网站-Nginx

1 个答案: