Nginx将http子域重定向到https
[英]Nginx redirect http subdomains to https
问题描述
I have one domain with 3 subdomains: 
我有一个带有3个子域的域:
- example.com (main domain) - api.example.com - blog.example.com - support.example.com (just a cname to point to zendesk)
And I have this 3 configuration on my Nginx : 我在Nginx上有以下3个配置:
api api
# HTTP server
server {
listen 80;
server_name api.example.com;
return 301 https://api.example.com$request_uri;
}
# HTTPS server
server {
ssl on;
listen 443;
server_name api.example.com;
ssl_certificate APIcert.crt;
ssl_certificate_key APIcert.key;
#root configuration.....
}
blog 博客
server {
listen 80;
server_name blog.example.com;
root /var/www/blog;
index index.php index.html index.htm;
site/main domain 站点/主域
server {
listen 80;
listen 443 ssl;
server_name www.example.com;
return 301 https://example.com$request_uri;
location ~ \.(php|html)$ {
deny all;
}
}
server {
listen 80;
server_name example.com;
return 301 https://example.com$request_uri;
location ~ \.(php|html)$ {
deny all;
}
}
server {
ssl on;
listen 443 ssl;
ssl_certificate mycert.crt;
ssl_certificate_key mycert.key;
server_name example.com;
root /var/www/frontend;
.....
}
MY PROBLEM : 我的问题 :
- The subdomain api.example is OK! 子域api.example可以!
- The main domain http://example.com and https://example.com is OK! 主域http://example.com和https://example.com可以!
- If I try to access the main domain with www on HTTP the browser redirect correct to https://example.com . 如果我尝试使用HTTP上的www访问主域,则浏览器将正确重定向到https://example.com 。 But when I try to access the main domain with www and https, https://www.example.com , the browser try to access the SSL CERT from api. 但是,当我尝试使用www和https, https: //www.example.com访问主域时,浏览器尝试从api访问SSL CERT。
- And after I try to access the main domain and redirect to HTTPS my other subdomains that doesn't have HTTPS is redirect to https and show error, because they tried to use SSL CERT from api. 在尝试访问主域并重定向到HTTPS之后,没有HTTPS的其他子域又重定向到https并显示错误,因为它们尝试从api使用SSL CERT。
- Example: if I try to access http://blog.exemple.com , firefox redirect to https://blog.example.com and show SSL error. 示例:如果我尝试访问http://blog.exemple.com ,则Firefox重定向到https://blog.example.com并显示SSL错误。
- This is a video showing this problem 这是显示此问题的视频
- The domain is online, you can test on http://blog.alooga.com.br , http://alooga.com.br 该域名在线,您可以在http : //blog.alooga.com.br,http : //alooga.com.br上进行测试
2 个解决方案
解决方案1
4 已采纳 2015-06-10 19:13:31
Your web server is setup with Strict-Transport-Security max-age=16070400; includeSubdomains 您的Web服务器设置为Strict-Transport-Security max-age=16070400; includeSubdomains Strict-Transport-Security max-age=16070400; includeSubdomains . Strict-Transport-Security max-age=16070400; includeSubdomains 。
This will tell the web browser to request your domain using https only. 这将告诉网络浏览器仅使用https请求您的域。 If you want the subdomain blog to be accessed through insecure http, you will need to remove includeSubdomains from the HTTP Strict Transport Security (HSTS) and use a different browser (or clear your Firefox). 如果要通过不安全的http访问子域blog ,则需要从HTTP严格传输安全性(HSTS)中删除includeSubdomains ,并使用其他浏览器(或清除Firefox)。
https://www.ssllabs.com/ssltest/analyze.html?d=alooga.com.br https://www.ssllabs.com/ssltest/analyze.html?d=alooga.com.br
解决方案2
-1 2016-12-22 08:15:53
You are getting SSL error messages because you don't have SSL certificate for blog.alooga.com.br domain. 您收到SSL错误消息是因为您没有blog.alooga.com.br域的SSL证书。
SSL error message for your reference: SSL错误消息供您参考:
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.