配置 SSL(Certbot、LetsEncrypt)后无法访问 Nginx 网络服务器

tag-icon tag-icon nginx amazon-web-services ssl lets-encrypt certbot
配置 SSL(Certbot、LetsEncrypt)后无法访问 Nginx 网络服务器

我对 AWS 和 Web 服务器还很陌生,这个项目使用 nginx,代码使用 MERN 堆栈。无论如何,我使用以下方式启动并运行了我的网站教程,并使用教程(使用 letsencrypt 和 certbot)尝试将 SSL 添加到我的网站,该网站在标准 http 中运行良好。现在,当我尝试访问该网站时,它会超时,chrome 显示This site can’t be reached www.instaspots.net took too long to respond.

我的 nginx 配置文件如下

  server_name instaspots.net;
add_header Content-Security-Policy upgrade-insecure-requests;

  # react app & front-end files
  location / {
    root /opt/frontend/build;
    try_files $uri /index.html;
  }

  # node api reverse proxy
  location /items/ {
    proxy_pass http://localhost:4000/;
  }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/instaspots.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/instaspots.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    server_name www.instaspots.net; # managed by Certbot
add_header Content-Security-Policy upgrade-insecure-requests;

  # react app & front-end files
  location / {
    root /opt/frontend/build;
    try_files $uri /index.html;
  }

  # node api reverse proxy
  location /items/ {
    proxy_pass http://localhost:4000/;
  }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/instaspots.net/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/instaspots.net/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



}server {
    if ($host = instaspots.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  listen 80 default_server;
  server_name instaspots.net;
    return 404; # managed by Certbot


}server {
    if ($host = www.instaspots.net) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


  listen 80 ;
    server_name www.instaspots.net;
    return 404; # managed by Certbot


}

sudo netstat -plnt | grep nginx 返回

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      62312/nginx: master 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      62312/nginx: master

一切似乎都很好,但其他人调试时使用了,nc -zv instaspots.net 443但当我尝试时,它返回,connectx to instaspots.net port 443 (tcp) failed: Operation timed out使我相信这可能有助于指出问题。不幸的是,当涉及到系统管理员的事情时,我的调试技能不足,所以如果有人能指导我调试这个问题,我将非常感激。

答案1

您必须在 AWS 安全组中打开端口 443。

相关内容