我在 VMbox Debian 10 上运行一个 apache WordPress 网站。我在 eu.org 有一个域名,并且我的域名有 Let's Encrypt 证书,因此我的网站可以通过 HTTPS 访问。
我还安装了带有 RTMP 模块的 Nginx,并设置了嵌入在网站帖子中的 HLS(HTTP 实时流)流。使用 iPhone 观看时效果很好,但当我尝试使用 PC 或 Android 观看时,出现错误,提示内容混合,这意味着我的网站运行的是 HTTPS,而流本身是 HTTP。
如何使用 HTTPS 确保其安全?
尽管我没有在 Nginx 上运行任何网站,但我能否以某种方式将我在 Apache 上运行的相同证书包含在 Nginx 服务器上?
nginx.conf以下是我的文件的内容:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
load_module modules/ngx_rtmp_module.so;
load_module modules/ngx_stream_module.so;
events {
worker_connections 1024;
}
# RTMP configuration
rtmp {
server {
listen 1935; # Listen on standard RTMP port
chunk_size 4000;
application live {
live on;
# Turn on HLS
hls on;
hls_path /mnt/hls/;
hls_fragment 3;
hls_playlist_length 60;
# disable consuming the stream from nginx as rtmp
deny play all;
}
}
}
http {
sendfile off;
tcp_nopush on;
directio 512;
default_type application/octet-stream;
server {
listen 444 default_server;
server_name magrega.ru.eu.org;
ssl on;
ssl_certificate /etc/letsencrypt/live/magrega.ru.eu.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/magrega.ru.eu.org/privkey.pem; # managed by Certbot
location / {
# Disable cache
add_header 'Cache-Control' 'no-cache';
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
types {
application/dash+xml mpd;
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /mnt/;
}
}
}user www-data;
worker_processes auto;
pid /run/nginx.pid;
load_module modules/ngx_rtmp_module.so;
load_module modules/ngx_stream_module.so;
events {
worker_connections 1024;
}
# RTMP configuration
rtmp {
server {
listen 1935; # Listen on standard RTMP port
chunk_size 4000;
application live {
live on;
# Turn on HLS
hls on;
hls_path /mnt/hls/;
hls_fragment 3;
hls_playlist_length 60;
# disable consuming the stream from nginx as rtmp
deny play all;
}
}
}
http {
sendfile off;
tcp_nopush on;
directio 512;
default_type application/octet-stream;
server {
listen 444 default_server;
server_name magrega.ru.eu.org;
ssl on;
ssl_certificate /etc/letsencrypt/live/magrega.ru.eu.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/magrega.ru.eu.org/privkey.pem; # managed by Certbot
location / {
# Disable cache
add_header 'Cache-Control' 'no-cache';
# CORS setup
add_header 'Access-Control-Allow-Origin' '*' always;
add_header 'Access-Control-Expose-Headers' 'Content-Length';
# allow CORS preflight requests
if ($request_method = 'OPTIONS') {
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Max-Age' 1728000;
add_header 'Content-Type' 'text/plain charset=UTF-8';
add_header 'Content-Length' 0;
return 204;
}
types {
application/dash+xml mpd;
application/vnd.apple.mpegurl m3u8;
video/mp2t ts;
}
root /mnt/;
}
}
}