将 nginx 端口 80 重定向到 http2 443 失败

将 nginx 端口 80 重定向到 http2 443 失败

在网上搜索了大量链接,我不明白为什么这个会议不能正确地从http://example.comhttps://example.com

我的配置:

# HTTPS
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    index index.html;

    # Prevent nginx HTTP Server Detection
    server_tokens off;

    server_name example.org;
    root /home/www/example.org;

    # Let's Encrypt conf
    include /etc/nginx/ssl.conf;

    access_log  /var/log/nginx/example.org.access.log;
}

# HTTP redirect
server {
    listen 80;
    listen [::]:80;

    server_name example.org;

    location / {
        return 301 https://$server_name$request_uri;

    }
}

网络状态:

# netstat -nptl | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      71768/nginx: master 
tcp6       0      0 :::80                   :::*                    LISTEN      71768/nginx: master 

我做错了什么?

当我尝试时curl,我得到:

$ curl -Lv http://example.org
*   Trying 123:123:123:123:80...
* Connected to example.org (123:123:123:123) port 80 (#0)
> GET / HTTP/1.1
> Host: example.org
> User-Agent: curl/7.81.0
> Accept: */*
>
* Received HTTP/0.9 when not allowed
* Closing connection 0
curl: (1) Received HTTP/0.9 when not allowed

还有一个telnet

$ telnet example.org 80
Trying 123:123:123:123...
Connected to example.org.
Escape character is '^]'.
GET / HTTP/1.1
Connection closed by foreign host.

Let'sEncrypt 文件

ssl_certificate /etc/letsencrypt/live/example.org-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org-0001/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dh2048.pem;
add_header Strict-Transport-Security "max-age=63072000";
ssl_session_cache shared:SSL:1m;

SSL vhost 没有问题。

答案1

尝试更换

server {
    listen 80;
    listen [::]:80;

    server_name example.org;

    location / {
        return 301 https://$server_name$request_uri;

    }
}

server {
    listen 80;
    listen [::]:80;

    server_name example.org;
    return 301 https://$server_name$request_uri;
}

相关内容