我已经成功获取了 SSL 证书,现在我尝试使用 NGINX 保留代理设置将其实现到我的 AWS 服务器中,下面是配置文件:
server {
listen 80;
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl;
ssl_certificate /etc/nginx/ssl/cert_chain.crt;
ssl_certificate_key /etc/nginx/ssl/website.key;
server_name ~^(?<subdomain>.+)\.example\.com$;
location / {
proxy_pass http://www.example.com:8888;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $subdomain.example.com;
proxy_cache_bypass $http_upgrade;
}
}
如果我更改设置以监听端口 80,那么它就可以正常工作。我已在 AWS 安全组中启用了端口 443,结果如下netstat -tulpn | grep 443:
(Not all processes could be identified, non-owned process info
will not be shown, you would have to be root to see it all.)
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN -
所以这意味着它已经在监听端口 443 了,对吧?我还确保 nginx 以 root 身份运行ps aux|grep nginx|grep -v grep:
root 11567 0.0 0.3 177080 3060 ? Ss 09:36 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
www-data 11568 0.0 0.7 177344 7568 ? S 09:36 0:00 nginx: worker process
我检查了 Nginx 错误日志,里面什么都没有,但当我使用 https 访问我的 URL 时,它只是显示响应时间太长。有人能帮忙吗?谢谢。
答案1
用以下代码替换第一个服务器部分
server {
listen 80;
server_name example.com;
location / {
rewrite ^/(.+) https://example.com/ permanent;
}
}