这里是 Nginx 菜鸟,我确实浏览了所有以前的帖子,但找不到适合我情况的任何内容。
我正在尝试在 nginx 上安装商业 SSL 证书。使用以下内容配置 etc/nginx/sites-available/myapp 之后:
server {
listen 80;
server_name example.come www.example.com;
rewrite ^/(.*) https://example.com/$1 permanent;
location = /favicon.ico { access_log off; log_not_found off; }
location /static/ {
root /home/user/example.com;
}
location / {
include proxy_params;
proxy_pass http://unix:/home/djangodeploy/example.com/rex.sock;
}
}
server {
listen 443 ssl;
server_name example.com www.example.come;
ssl_certificate /home/user/example.com.chained.crt;
ssl_certificate_key /home/user/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GC$
ssl_prefer_server_ciphers on;
}
检查语法后一切正常。 https 运行良好,但是它没有为实际网站提供服务,而是返回“欢迎使用 nginx!”
我还在 /etc/nginx/nginx.conf 中配置了 http 指令,包括:
http {
ssl_certificate /home/user/example.com.chained.crt;
ssl_certificate_key /home/user/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: $
ssl_prefer_server_ciphers on;
我听说 gzip 会导致问题,我应该禁用它吗?
如有任何帮助,我们将不胜感激!
最佳答案
HTTPS 服务器 block 不会代理到您的应用程序,因此您需要向其添加 location/ block ,最后是这样的:
server {
listen 443 ssl;
server_name example.com www.example.come;
ssl_certificate /home/user/example.com.chained.crt;
ssl_certificate_key /home/user/example.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GC$
ssl_prefer_server_ciphers on;
location / {
include proxy_params;
proxy_pass http://unix:/home/djangodeploy/example.com/rex.sock;
}
}
关于django - 在 SSL Conf 之后。返回 "welcome to nginx!",我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/51371801/