使用单个域的多个端口的 SSL - 使用 nginx 的 ubuntu

tag-icon tag-icon ubuntu nginx ssl
使用单个域的多个端口的 SSL - 使用 nginx 的 ubuntu

我正在尝试使用 nginx 在 Ubuntu 中为多个端口设置 SSL。我有一个域wpdev1.tk。目前它在使用和不使用 SSL 的情况下都可以工作。我有另一个在同一个域上运行的 Web 应用程序,但端口不同。即wpdev1.tk:8080。目前它仅在没有 SSL 的情况下工作。在端口 8080 中使用 SSL 不起作用。以下是我的 nginx 配置。

upstream fastcgi_backend {
         server  unix:/run/php/php7.1-fpm.sock;
}

server {
    listen 80;
    listen [::]:80;
    index  index.php index.html index.htm;
    server_name  wpdev1.tk www.wpdev1.tk;

    set $MAGE_ROOT /var/www/html/magento225;
    set $MAGE_MODE developer;
    include /var/www/html/magento225/nginx.conf.sample;
}




 #server {
       # listen 8080;
       # index  index.php index.html index.htm;
       # server_name  wpdev1.tk  www.wpdev1.tk;
       # root         /var/www/html/test;
   # }




server {

     listen 443 ssl http2;
     server_name wpdev1.tk www.wpdev1.tk;
     ssl on;
     ssl_certificate /etc/letsencrypt/live/wpdev1.tk/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/wpdev1.tk/privkey.pem;


    ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout 24h;
    keepalive_timeout 300s;

  #include snippets/self-signed.conf;
  #include snippets/ssl-params.conf;

    location / {
        proxy_pass http://127.0.0.1;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Ssl-Offloaded "1";
        proxy_set_header      X-Forwarded-Proto https;
        proxy_set_header      X-Forwarded-Port 443;
        #proxy_hide_header X-Varnish;
        #proxy_hide_header Via;
        proxy_set_header X-Forwarded-Proto $scheme;

    }
}



server {

     listen 80;
     listen 8443 default ssl;
     server_name wpdev1.tk www.wpdev1.tk;
     index  index.php index.html index.htm;
     #ssl on;
     ssl_certificate /etc/letsencrypt/live/wpdev1.tk/fullchain.pem;
     ssl_certificate_key /etc/letsencrypt/live/wpdev1.tk/privkey.pem;


    ssl_protocols              TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers               'AES128+EECDH:AES128+EDH:!aNULL';
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout 24h;
    keepalive_timeout 300s;

  #include snippets/self-signed.conf;
  #include snippets/ssl-params.conf;

    location / {
        proxy_pass http://127.0.0.1:8443;
        proxy_set_header Host $http_host;
        proxy_set_header X-Forwarded-Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Ssl-Offloaded "1";
        proxy_set_header      X-Forwarded-Proto https;
        proxy_set_header      X-Forwarded-Port 8443;
        #proxy_hide_header X-Varnish;
        #proxy_hide_header Via;
        proxy_set_header X-Forwarded-Proto $scheme;

    }
}

我是否遗漏了什么?

更新 1: 我已经更新了问题(我删除了 80 端口配置并将其添加到 SSL 配置中)

现在我尝试访问时出现以下错误, https://wpdev1.tk:8443/

400 Bad Request
The plain HTTP request was sent to HTTPS port

相关内容