我刚刚遵循了以下教程:
sudo add-apt-repository ppa:certbot/certbot
sudo apt-get update
sudo apt-get install python-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
# Only valid for 90 days, test the renewal process with
certbot renew --dry-run
这确实有效,但仅适用于在主域上运行的客户端。但我还有一个在端口 8000 上运行的 API。当我访问 mydomain.com:8000 时,它确实将我重定向到 https,但它显示以下错误:
基本上它会永远加载。
我的防火墙已允许使用 https。我的意思是,基本域运行正常,只是端口 8000 不适用于 https,它适用于 http。
server {
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html/dexhub/client/build;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name www.iprofitmizer.com iprofitmizer.com; # managed by Certbot
error_page 404 /;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /api {
proxy_pass http://localhost:8000;
}
答案1
获取 nodejs API 的最简单方法是通过这样的代理来定义它
location /api {
proxy_pass http://localhost:8000;
}
在您的 nginx 虚拟主机配置中(例如/etc/nginx/sites-enabled/my-site.conf)。然后您应该能够通过以下方式访问您的 APIhttps://iprofitmizer.com/api
并且 certbot 自动续订功能也应该可以工作。
否则,您必须将 TLS 支持集成到您的 nodejs 应用程序中。