NGINX reverse proxy: acme-challenge over HTTP returns 404

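First of all, sorry for my bad English ^^

I tried to set up a reverse proxy, and it works fine. Now I want to get an SSL certificate with letsencrypt, but it fails ^^

On the reverse proxy, I created a file 1234.txt to try to connect to it.

I can connect to https://mysite/.well-known/acme-challenge/1234.txt, but not to http://mysite/.well-known/acme-challenge/1234.txt, where I get a 404 error.

Where is my nginx configuration wrong?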

    upstream [MySite].com {
        server "[MySite].com";
    }
    server {
        listen 80;
        root /var/www/html/[MySite].com;

        rewrite ^(.*) https://$host$1 permanent;

        location ~/.well-known/ {
            allow all;
        }
    }
    server {
        listen 443 ssl;
        server_name [MySite].com;
        ssl_certificate /etc/nginx/ssl/mysite.crt;
        ssl_certificate_key /etc/nginx/ssl/mysite.depro.key;
        proxy_redirect off;

        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_pass https://X.X.X.X:8006;
            proxy_buffering off;
            client_max_body_size 0;
            proxy_connect_timeout 3600s;
            proxy_read_timeout 3600s;
            proxy_send_timeout 3600s;
            send_timeout 3600s;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }

        location ~/.well-known/ {
            allow all;
        }
    }

Thanks a lot for your replies,

Regards,

Answer 1

Good morning, after many attempts, I can finally reach it over http. Yes! Thanks Richard, this is the correct conf file:

    upstream [MySite].com {
        server "[MySite].com";
    }
    server {
        listen 80;
        server_name [MySite].com;
        root /var/www/html/[MySite].com;
        location / {
            return 301 https://$host$request_uri;
        }

        location ~/.well-known {
            allow all;
        }
    }
    server {
        listen 443 ssl;
        server_name [MySite].com;
        ssl_certificate /etc/nginx/ssl/CERT.crt;
        ssl_certificate_key /etc/nginx/ssl/CERT.depro.key;
        proxy_redirect off;
        root /var/www/html/[MySite].com;
        location / {
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_pass https://IP_DISTANTE:8006;
            proxy_buffering off;
            client_max_body_size 0;
            proxy_connect_timeout 3600s;
            proxy_read_timeout 3600s;
            proxy_send_timeout 3600s;
            send_timeout 3600s;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }

        location ~/.well-known {
            allow all;
        }
    }

Regards,
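
Added example, not part of the original posts: a small Python check that reads a config shaped like the two above and reports, for each port-80 server block, whether a server-level `rewrite`/`return` is present (nginx evaluates those before it selects a location, so the `.well-known` block may never be reached), whether `server_name` is set, and whether a `.well-known` location exists. The parser is a simplified assumption covering only the syntax used on this page; the names `parse` and `http01_findings` and the sample host `example.test` are hypothetical, and the samples are reduced to the directives being checked.

```python
import re

# Constructed samples mirroring the port-80 server blocks of the question and
# of the answer (example.test stands in for the redacted host name).
QUESTION_CONF = """server {
    listen 80;
    rewrite ^(.*) https://$host$1 permanent;
    location ~/.well-known/ { allow all; }
}"""
ANSWER_CONF = """server {
    listen 80;
    server_name example.test;
    location / { return 301 https://$host$request_uri; }
    location ~/.well-known { allow all; }
}"""

def parse(text):
    """Nested (name, args, children) tuples; children is None for a simple directive."""
    tokens = re.findall(r"[{};]|[^\s{};]+", text)
    def block(i):
        items, words = [], []
        while i < len(tokens):
            tok, i = tokens[i], i + 1
            if tok == "}":
                break
            if tok == "{":
                children, i = block(i)
                items.append((words[0], words[1:], children))
            elif tok == ";" and words:
                items.append((words[0], words[1:], None))
            if tok in ("{", ";"):
                words = []
            else:
                words.append(tok)
        return items, i
    return block(0)[0]

def http01_findings(text):
    """One dict per top-level server block that listens on port 80."""
    out = []
    for name, _, body in parse(text):
        if name == "server" and any(n == "listen" and re.fullmatch(r"(.*:)?80", a[0]) for n, a, _ in body):
            out.append({
                "server_name": any(n == "server_name" for n, _, _ in body),
                # nginx runs server-level rewrite/return before it selects a location
                "server_level_redirect": any(n in ("rewrite", "return") and c is None for n, _, c in body),
                "well_known_location": any(n == "location" and ".well-known" in " ".join(a) for n, a, _ in body),
            })
    return out
```

Run `http01_findings` on the text of a site config before requesting a certificate; a block with `server_level_redirect` set to `True` or `server_name` set to `False` deserves a look first.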