NGINX将HTTPS重定向到HTTPS

时间:2020-05-25 10:01:45

标签: ssl nginx redirect

如何将https从一个域重定向到另一个域的https?

案例描述:

我拥有指向NS服务器中相同IP /网站的三个域:

  1. example1.com
  2. example2.com
  3. example3.com

我只为最初为第一个域颁发的一个SSL许可证付费,所以当我购买第二个域时,我将所有流量重定向到https://example1.com

最近,我想将所有呼叫重定向到一个新域:https://example3.com。我为新域重新发行了旧的SSL许可证,并成功安装了它。最后一部分是将所有流量重定向到新域。

现在,来自http的所有流量都可以很好地重定向,但是http s https://example1.comhttps://example2.com)根本没有定向,从而导致工作“不安全”页。

当我尝试收听443 SSL并将其从1&2名称服务器重定向到第三个名称服务器并运行service nginx restart时,我得到:

Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.

运行systemctl status nginx.service时,我得到:

nginx.service - A high performance web server and a reverse proxy server
   Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Sun 2020-05-24 17:53:24 UTC; 4min 5s ago
  Process: 14068 ExecStop=/sbin/start-stop-daemon --quiet --stop --retry QUIT/5 --pidfile /run/nginx.pid (code=exited, status=0/SUCCESS)
  Process: 13952 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
  Process: 14073 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
 Main PID: 13957 (code=exited, status=0/SUCCESS)

我猜我做错了,不允许两次重定向443 SSL

代码

这是我的conf,无需重定向https example1.com和example2.com就可以正常工作:

/etc/nginx/nginx.conf上,我有include /etc/nginx/sites-enabled/*;

/etc/nginx/sites-enabled/example3.com.conf上,我这样写:

server {
    listen 80;
    server_name example3.com wwww.example3.com example1.com www.example1.com example2.com www.example2.com;
    rewrite ^/(.*) https://example3.com/$1 permanent;
}


server {
    listen 443 ssl;
    server_name example3.com;
    ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
    ssl_certificate_key /etc/ssl/websitessl/example3.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
}

这可能是重复的: HTTPS to HTTPS redirect Nginx 但是我无法使其正常工作。

1 个答案:

答案 0 :(得分:0)

感谢@RichardSmith,我了解到,为了在不发出“页面不安全”警告的情况下将HTTPS重定向到HTTPS,您应该将ssl_语句放在服务器块之外,以便将所有域都包括在内。

ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/websitessl/example3.com.key;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

server {
        listen  80 default_server;
        listen  443 ssl default_server;
        return  301 https://example3.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example3.com;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;
}
相关问题
最新问题