Nginx 重定向失败

Nginx 重定向失败

我最近将我的所有网站都转为 https,这是 cv 网站配置的示例

server {
   listen 80;
   server_name cv.host.com;
   root /www/cv/app;
   index index.html index.htm index.php;
   access_log /www/log/cv/nginx-access.log;
   error_log /www/log/cv/nginx-error.log;
   location /
   {
       try_files $uri $uri/ =404;
   }
   location ~ \.php$
   {
      include snippets/fastcgi-php.conf;
       fastcgi_pass unix:/run/php/php7.0-fpm.sock;
   }
   listen 443 ssl;
   ssl_certificate /etc/letsencrypt/live/cv.host.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/cv.host.com/privkey.pem;
   include /etc/letsencrypt/options-ssl-nginx.conf;
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
   if ($scheme != "https") {
       return 301 https://$host$request_uri;
   } # managed by Certbot
}

但当我尝试打开http://cv.host.com我的浏览器时被重定向到https://host.comau lieu dehttps://cv.host.com

Ngninx 似乎调用了我的默认配置

server {
    listen  80 default_server;
    server_name _;    
    root /www/default/app;
    index index.html index.htm index.php;    
    access_log /www/log/default/nginx-access.log;
    error_log /www/log/default/nginx-error.log;    
    location /
    {
        try_files $uri $uri/ =404;
    }    
    location ~ \.php$
    {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }    
    listen 443 ssl default_server;
    ssl_certificate /etc/letsencrypt/live/host.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/host.com/privkey.pem; 
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/ssl/certs/dhparam.pem;    
    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}

所以当我问http://cv.host.com我在 https 中无法访问好网站...我的配置有误吗?还有其他方法可以将所有内容重定向到 https 吗?

答案1

除非使用相同的 SSL 证书,否则不能将两个 vhost 放在同一个 IP 上用于 SSL。

这是由于 SSL 的工作方式所致。nginx 在解密流之前对主机头一无所知。因此,当它首次连接时,它会命中您的默认条目。

相关内容