ssl - 访问digitalocean nginx服务器上的8000端口

Question

我有一个 flask 应用程序在 digital ocean 上的 droplet 的 8000 端口上运行。我需要使用 Nginx 在这台服务器上启用 ssl，并且我可以毫无问题地连接到我的主端口。但是当尝试连接到 funders-api.ninja:8000 时，我无法访问。这是我的默认配置

server {

    # SSL configuration
    #
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Read up on ssl_ciphers to ensure a secure configuration.
    # See: https://bugs.debian.org/765782
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /var/www/html;

    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html;

    server_name funders-api.ninja www.funders-api.ninja;

    location / {
        # First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.
        try_files $uri $uri/ =404;
    }

    # pass PHP scripts to FastCGI server
    #
    #location ~ \.php$ {
    #   include snippets/fastcgi-php.conf;
    #
    #   # With php-fpm (or other unix sockets):
    #   fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    #   # With php-cgi (or other tcp sockets):
    #   fastcgi_pass 127.0.0.1:9000;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #   deny all;
    #}

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/funders-api.ninja/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/funders-api.ninja/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    listen 8000 ssl;
    listen [::]:8000 ssl;
    server_name funders-api.ninja www.funders-api.ninja;
    ssl_certificate /etc/letsencrypt/live/funders-api.ninja/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/funders-api.ninja/privkey.pem; # managed by Certbot
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
}

# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#   listen 80;
#   listen [::]:80;
#
#   server_name example.com;
#
#   root /var/www/example.com;
#   index index.html;
#
#   location / {
#       try_files $uri $uri/ =404;
#   }
#}

server {
    if ($host = www.funders-api.ninja) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = funders-api.ninja) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name funders-api.ninja www.funders-api.ninja;
    return 404; # managed by Certbot

}

这基本上是用 Cerbot 进行的 de 配置，但我想访问端口 8000 com https。

Answer 1

那是一个配置错误的部分 - example.com 服务器部分在您的配置文件中被注释掉了，并且在端口 8000 上您正在监听 funders-api.ninja www 的服务器名称。资助者-api.ninja