在网上搜索了大量链接,我不明白为什么这个会议不能正确地从http://example.com到https://example.com
我的nginx配置:
# HTTPS
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
index index.html;
# Prevent nginx HTTP Server Detection
server_tokens off;
server_name example.org;
root /home/www/example.org;
# Let's Encrypt conf
include /etc/nginx/ssl.conf;
access_log /var/log/nginx/example.org.access.log;
}
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name example.org;
location / {
return 301 https://$server_name$request_uri;
}
}
网络状态:
# netstat -nptl | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 71768/nginx: master
tcp6 0 0 :::80 :::* LISTEN 71768/nginx: master
我做错了什么?
当我尝试时curl,我得到:
$ curl -Lv http://example.org
* Trying 123:123:123:123:80...
* Connected to example.org (123:123:123:123) port 80 (#0)
> GET / HTTP/1.1
> Host: example.org
> User-Agent: curl/7.81.0
> Accept: */*
>
* Received HTTP/0.9 when not allowed
* Closing connection 0
curl: (1) Received HTTP/0.9 when not allowed
还有一个telnet:
$ telnet example.org 80
Trying 123:123:123:123...
Connected to example.org.
Escape character is '^]'.
GET / HTTP/1.1
Connection closed by foreign host.
Let'sEncrypt 文件
ssl_certificate /etc/letsencrypt/live/example.org-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org-0001/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dh2048.pem;
add_header Strict-Transport-Security "max-age=63072000";
ssl_session_cache shared:SSL:1m;
SSL vhost 没有问题。
答案1
尝试更换
server {
listen 80;
listen [::]:80;
server_name example.org;
location / {
return 301 https://$server_name$request_uri;
}
}
和
server {
listen 80;
listen [::]:80;
server_name example.org;
return 301 https://$server_name$request_uri;
}