Ubuntu: HTTPS 不适用于 Nginx
Ubuntu: HTTPS not working on Nginx
我使用以下方法创建了 SSL 证书。
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/cerf.key -out /etc/nginx/ssl/cerf.pem
我也有以下 nginx 配置。 http 在端口 8002 上工作正常。但是,https 根本不工作。 nginx conf 和 SSL 证书位于同一文件夹中。
upstream django {
server unix:////var/www/dj_test_prj/dj_test_prj/site.bot.sock; # for a file socket
#server 127.0.0.1:8000; # for a web port socket (we will use this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8002;
# the domain name it will serve for
server_name .example.com; # substitute your machine IP address or FQDN
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /var/www/dj_test_prj/media; # your Django project media files - amend as required
}
location /static {
alias /var/www/dj_test_prj/static; # your Django project static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /var/www/dj_test_prj/dj_test_prj/uwsgi_params.bot; # the uwsgi_params file you installed
}
}
server {
listen 443;
server_name .example.com; # substitute your machine IP address or FQDN
charset utf-8;
ssl on;
ssl_certificate cert.pem;
ssl_certificate_key cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /var/www/dj_test_prj/media; # your Django project media files - amend as required
}
location /static {
alias /var/www/dj_test_prj/static; # your Django project static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /var/www/dj_test_prj/dj_test_prj/uwsgi_params.bot; # the uwsgi_params file you installed
}
首先,nginx错误日志中写入了什么???
必须先检查日志,并附在问题后面。
如我所见,您在配置 cert.key 和 cert.crt 时创建了 cerf.key 和 cerf.crt 文件 - 这应该会导致 nginx 无法启动。请向我们展示 sudo nginx -t 输出。
我使用以下方法创建了 SSL 证书。
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/cerf.key -out /etc/nginx/ssl/cerf.pem
我也有以下 nginx 配置。 http 在端口 8002 上工作正常。但是,https 根本不工作。 nginx conf 和 SSL 证书位于同一文件夹中。
upstream django {
server unix:////var/www/dj_test_prj/dj_test_prj/site.bot.sock; # for a file socket
#server 127.0.0.1:8000; # for a web port socket (we will use this first)
}
# configuration of the server
server {
# the port your site will be served on
listen 8002;
# the domain name it will serve for
server_name .example.com; # substitute your machine IP address or FQDN
charset utf-8;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /var/www/dj_test_prj/media; # your Django project media files - amend as required
}
location /static {
alias /var/www/dj_test_prj/static; # your Django project static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /var/www/dj_test_prj/dj_test_prj/uwsgi_params.bot; # the uwsgi_params file you installed
}
}
server {
listen 443;
server_name .example.com; # substitute your machine IP address or FQDN
charset utf-8;
ssl on;
ssl_certificate cert.pem;
ssl_certificate_key cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
# max upload size
client_max_body_size 75M; # adjust to taste
# Django media
location /media {
alias /var/www/dj_test_prj/media; # your Django project media files - amend as required
}
location /static {
alias /var/www/dj_test_prj/static; # your Django project static files - amend as required
}
# Finally, send all non-media requests to the Django server.
location / {
uwsgi_pass django;
include /var/www/dj_test_prj/dj_test_prj/uwsgi_params.bot; # the uwsgi_params file you installed
}
首先,nginx错误日志中写入了什么??? 必须先检查日志,并附在问题后面。
如我所见,您在配置 cert.key 和 cert.crt 时创建了 cerf.key 和 cerf.crt 文件 - 这应该会导致 nginx 无法启动。请向我们展示 sudo nginx -t 输出。