我正在尝试为我的网站配置nginx服务器。我正在使用以下代码来配置我的服务器。如果我为我的 www.fastenglishacademy.fr (443( 服务器块添加default_server,它可以工作。
但在这种情况下,我的所有子域也带来了 www.fastenglishacademy.fr 的内容
如果我删除default_server,则会出现以下错误:
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/fastenglishacademy.fr.conf:14
nginx: configuration file /etc/nginx/nginx.conf test failed
我的nginx配置代码:
server {
listen 80;
listen [::]:80;
server_name fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 80;
listen [::]:80;
server_name www.fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name fastenglishacademy.fr;
return 301 https://www.fastenglishacademy.fr$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
root /media/fea/www/fastenglishacademy.com;
index index.html index.htm index.nginx-debian.html;
server_name www.fastenglishacademy.fr;
location / {
etag on;
try_files $uri$args $uri$args/ /index.html;
}
location ~* .(jpg|jpeg|png|gif|ico|ttf|woff2|woff|svg)$ {
expires 365d;
}
location ~* .(css|js)$ {
expires 30d;
}
location ~* .(pdf)$ {
expires 15d;
}
#WARNING: Please read before adding the lines below!
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
# SSL Certificates
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_trusted_certificate /path/to/chain.pem;
}
我的链接:
https://www.fastenglishacademy.fr/
https://api.fastenglishacademy.fr/
您的server部分缺少ssl_certificate和ssl_certificate_key声明。
您需要有一个.crt和一个.key文件才能使用 ssl。
它应该看起来像
server {
listen 80;
listen 443 default_server ssl;
ssl_certificate /etc/nginx/certs/default.crt;
ssl_certificate_key /etc/nginx/certs/default.key;
... other declarations
}
有同样的问题。添加指令
ssl on;
解决了我的问题。