问题:https://192.168.0.4/ 页面未加载并返回(在 Firefox 上):
Secure Connection Failed
An error occurred during a connection to 192.168.0.4. PR_END_OF_FILE_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.
而 nginx 仍然监听端口 80(而不是端口 443,根据配置它应该监听该端口)
我想做的是为另一个 http 服务器反向 https nginx 代理,但是现在我只想测试一下我的证书。我认为密钥/证书对一切正常,我已通过以下方式创建它们:
$ sudo openssl genpkey -out fd.key \
-algorithm RSA \
-pkeyopt rsa_keygen_bits:2048 \
-aes-128-cbc
进而
$ sudo openssl req -new -x509 -days 365 -key server.key -out server.crt
.在生成密钥/证书期间,我在字段中留下了(点符号)。
因此我修改了 /etc/nginx/available-sites 中的“默认”站点配置文件,如下所示:
server {
#listen 80 default_server;
#listen [::]:80 default_server;'
# SSL configuration
listen 9443 ssl default_server;
listen [::]:9443 ssl default_server;
ssl_certificate /etc/nginx/certs/server.crt;
ssl_certificate_key /etc/nginx/certs/server.key;
gzip off;
root /var/www/html;
location / {
#First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
# try_files $uri $uri/ =404;
}
(许多其他代码已注释,与本案例无关)
xyz@OV:/etc/nginx/sites-available$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
因此,此配置看起来一切正常。在配置中进行更改后,我总是这样做sudo systemctl restart nginx.service。
在加载此配置后,当我发出“sudo ss -tupln”命令时,它会输出:
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
tcp LISTEN 0 511 0.0.0.0:80 0.0.0.0:* users:(("nginx",pid=1727043,fd=6),("nginx",pid=1727042,fd=6),("nginx",pid=1727041,fd=6))
答案1
好的,现在我注意到,配置文件sites-available及其符号链接sites-enabled不起作用。我已将配置文件放入conf.d目录中,现在它可以正常工作了!
sites-*顺便问一下 - 为什么会这样,文件夹似乎不起作用的原因可能是什么?