我正在尝试使用 nginx 在 Ubuntu 中为多个端口设置 SSL。我有一个域wpdev1.tk
。目前它在使用和不使用 SSL 的情况下都可以工作。我有另一个在同一个域上运行的 Web 应用程序,但端口不同。即wpdev1.tk:8080
。目前它仅在没有 SSL 的情况下工作。在端口 8080 中使用 SSL 不起作用。以下是我的 nginx 配置。
upstream fastcgi_backend {
server unix:/run/php/php7.1-fpm.sock;
}
server {
listen 80;
listen [::]:80;
index index.php index.html index.htm;
server_name wpdev1.tk www.wpdev1.tk;
set $MAGE_ROOT /var/www/html/magento225;
set $MAGE_MODE developer;
include /var/www/html/magento225/nginx.conf.sample;
}
#server {
# listen 8080;
# index index.php index.html index.htm;
# server_name wpdev1.tk www.wpdev1.tk;
# root /var/www/html/test;
# }
server {
listen 443 ssl http2;
server_name wpdev1.tk www.wpdev1.tk;
ssl on;
ssl_certificate /etc/letsencrypt/live/wpdev1.tk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wpdev1.tk/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 24h;
keepalive_timeout 300s;
#include snippets/self-signed.conf;
#include snippets/ssl-params.conf;
location / {
proxy_pass http://127.0.0.1;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Ssl-Offloaded "1";
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
#proxy_hide_header X-Varnish;
#proxy_hide_header Via;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
server {
listen 80;
listen 8443 default ssl;
server_name wpdev1.tk www.wpdev1.tk;
index index.php index.html index.htm;
#ssl on;
ssl_certificate /etc/letsencrypt/live/wpdev1.tk/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/wpdev1.tk/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 24h;
keepalive_timeout 300s;
#include snippets/self-signed.conf;
#include snippets/ssl-params.conf;
location / {
proxy_pass http://127.0.0.1:8443;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Ssl-Offloaded "1";
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 8443;
#proxy_hide_header X-Varnish;
#proxy_hide_header Via;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
我是否遗漏了什么?
更新 1: 我已经更新了问题(我删除了 80 端口配置并将其添加到 SSL 配置中)
现在我尝试访问时出现以下错误, https://wpdev1.tk:8443/
400 Bad Request
The plain HTTP request was sent to HTTPS port