我有以下适用于 http 的配置:
server {
listen 80;
listen [::]:80;
server_name subdomain.domain.tech;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass "http://127.0.0.1:1337";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
}
我尝试使用 https 并访问https://subdomain.domain.tech我在 nginx 上无限加载,但没有错误。https 配置:
server {
listen 443 ssl;
server_name subdomain.domain.tech;
ssl on;
ssl_certificate /etc/letsencrypt/live/subdomain.domain.tech/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/subdomain.domain.tech/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/access.log postdata;
location / {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_pass "http://127.0.0.1:1337";
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_cache_bypass $http_upgrade;
}
}
如果我输入 http URL,我还尝试删除 http 部分并重定向到 https:
server {
listen 80;
listen [::]:80;
server_name subdomain.domain.tech;
return 301 https://subdomain.domain.tech$request_uri;
}
我还验证了证书是否存在。但这很明显,因为我没有收到来自 nginx 的任何错误。
知道为什么它不起作用吗?谢谢
答案1
显然这是一件愚蠢的事情。由于我使用的是 Amazon AWS EC2,我忘记在 Amazon 防火墙中打开端口。在允许端口 443 上的流量后,一切都正常了 ;)