And*_*uiz 6 ssl nginx lets-encrypt certbot nginx-config
我正在 Ubuntu 18.04 服务器上发布一个用 Python Pyramid 制作的网站。该网站是在HTTP运行正常,现在我想让它运行HTTPS按照这篇文章,但要安装我得到这个消息时:
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dev.anything.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dev.anything.com/privkey.pem
Your cert will expire on 2019-03-17. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
这是我的配置文件,它位于/etc/nginx/sites-available/snow_service.nginx:
server {
listen 80;
listen 443 ssl;
server_name dev.anything.com
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
我也尝试用域名重命名文件,但它不起作用。我手动放置的 ssl 证书的路径,因为我在 Stack Overflow 的另一个答案中看到了它。
我错过了什么?谢谢你的帮助
小智 11
中的文件sites-enabled应该只是指向 中“真实”文件的链接sites-available。您应该只编辑 中的内容sites-available,然后运行
cd /etc/nginx/sites-enabled
ln -s ../sites-available/your-site.conf
启用该站点。
如果您想禁用该站点,只需删除 中的链接即可sites-enabled。
这是解决方案:我正在更改文件sites-available夹中的文件,而不是更改文件sites-enabled夹中的文件。这是最终的文件内容:
server {
listen 80 default_server;
server_name dev.anything.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name elglobe_snow_service
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
| 归档时间: |
|
| 查看次数: |
8936 次 |
| 最近记录: |