如果我的 URL 是 site.com 而不是 www.site.com,我的 SSL 证书就可以正常工作。为什么会这样,我该如何解决?当我配置我的 CSR 和证书时,它说使用 mysite.com 作为域,而不是 www.mysite.com,因为它自动配置 www 。
这是我的 nginx 配置:
ssl_certificate /etc/nginx/ssl/bundle.crt;
ssl_certificate_key /etc/nginx/ssl/myserver.key;
ssl_session_timeout 10m;
ssl_session_cache shared:SSL:10m;
ssl_dhparam /etc/nginx/ssl/dhparams.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-$
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
server {
listen 80;
listen 443 ssl;
keepalive_timeout 70;
access_log /var/www/mysite.com/logs/access.log;
error_log /var/www/mysite.com/logs/error.log;
root /var/www/mysite.com/public_html/mysite/public/_main;
server_name www.mysite.com mysite.com;
# HSTS - 6 months
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
resolver 192.0.2.1;
location / {
try_files $uri $uri.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
include /etc/nginx/fastcgi_params;
if ($uri !~ "^/assets/images/") {
fastcgi_pass unix:/var/run/php-fastcgi/php-fastcgi.socket;
}
fastcgi_index landing.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
最佳答案
通常情况恰恰相反。如果您在 CSR 中指定 www.yoursite.com 作为通用名称,则该证书将适用于 www.yoursite.com 和 yoursite.com。
关于SSL 仅在没有 www 的情况下有效,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30695355/