nginx:[警告] 0.0.0.0:443/0.0.0.0:80 上的服务器名称“www.site.com”冲突,已忽略
[英]nginx: [warn] conflicting server name “www.site.com” on 0.0.0.0:443/0.0.0.0:80, ignored
问题描述
While running a dry-run on certbot autorenewal, I'm getting the following warnings:
在 certbot 自动更新上运行空运行时,我收到以下警告:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Processing /etc/letsencrypt/renewal/example.com.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Cert not due for renewal, but simulating renewal for dry run
Plugins selected: Authenticator nginx, Installer nginx
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for example.com
http-01 challenge for www.example.com
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
Waiting for verification...
Cleaning up challenges
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
new certificate deployed with reload of nginx server; fullchain is
/etc/letsencrypt/live/example.com/fullchain.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates below have not been saved.)
Congratulations, all renewals succeeded. The following certs have been renewed:
/etc/letsencrypt/live/example.com/fullchain.pem (success)
** DRY RUN: simulating 'certbot renew' close to cert expiry
** (The test certificates above have not been saved.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The rules of the Nginx configuration should 1) redirect all http to https, 2) redirect all non-www to www. Nginx 配置的规则应该 1) 将所有 http 重定向到 https,2) 将所有非 www 重定向到 www。 It does it, which is good, but there's this warning which shows it could be improved.它做到了,这很好,但是有这个警告表明它可以改进。
It's probably very obvious what is wrong with my current config, but I couldn't find how to keep everything working correctly while fixing it.我当前的配置有什么问题可能很明显,但我找不到如何在修复它时保持一切正常工作。 Here is my config file ( /etc/nginx/sites-enabled/example.com ):这是我的配置文件( /etc/nginx/sites-enabled/example.com ):
server {
listen 80;
server_name example.com www.example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_name example.com;
return 301 https://www.example.com$request_uri;
}
server {
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
server_name www.example.com;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/example/code/public;
# Turn on Passenger
passenger_enabled on;
passenger_ruby /usr/local/rvm/gems/ruby-2.7.1/wrappers/ruby;
location ~ ^/assets/ {
expires 1y;
add_header Cache-Control public;
add_header ETag "";
}
}
1 个解决方案
解决方案1
3 2020-08-17 11:32:13
Short answer:简短的回答:
The third server block should be just:第三个服务器块应该是:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate ... etc etc
return 301 https://www.example.com$request_uri;
}
Explanation解释
You have two server names and two ports, therefore 4 combinations您有两个服务器名称和两个端口,因此有 4 种组合
- example.com:80例如.com:80
- www.example.com:80 www.example.com:80
- example.com:443例如.com:443
- www.example.com:443 www.example.com:443
Each one of those should be handled once and only once on your servers blocks.每一个都应该在你的服务器块上处理一次,并且只处理一次。 However然而
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:80, ignored
- it's declared once in the first block, twice in the third block它在第一个块中声明一次,在第三个块中声明两次
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
- once in the first block, twice in the third block第一个街区一次,第三个街区两次
nginx: [warn] conflicting server name "www.example.com" on 0.0.0.0:443, ignored
- once in the second block, twice in the third block一次在第二个街区,两次在第三个街区
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
- twice in the third block在第三个街区两次
the general logic of your redirection flow should be:您的重定向流程的一般逻辑应该是:
# handle example.com:80
# handle www.example.com:80
server {
listen 80;
server_name www.example.com example.com;
return 301 https://www.example.com$request_uri;
}
# handle example.com:443
server {
listen 443 ssl; # managed by Certbot
ssl_certificate ... etc etc
server_name example.com;
return 301 https://www.example.com$request_uri;
}
# handle www.example.com:443
server {
listen 443 ssl; # managed by Certbot
ssl_certificate ... etc etc
server_name www.example.com;
root /var/www/example/code/public;
}
Please note you still need a certificate for non www host even if will be inmediately redirected.请注意,即使将立即重定向,您仍然需要非 www 主机的证书。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
nginx:[警告] 0.0.0.0:80 上的服务器名称“域”冲突,忽略 - nginx: [warn] conflicting server name "domain" on 0.0.0.0:80, ignored
nginx:[警告] 0.0.0.0:80 上的冲突服务器名称“example.com”,已忽略 - nginx: [warn] conflicting server name "example.com" on 0.0.0.0:80, ignored
Nginx:避免nginx:[warn]在0.0.0.0:80上冲突服务器名称“index”,忽略 - Nginx: avoid nginx: [warn] conflicting server name “index” on 0.0.0.0:80, ignored
Nginx 警告“冲突的服务器名称<domain_name>在 0.0.0.0:80,忽略“ - Nginx warning "conflicting server name <domain_name> on 0.0.0.0:80, ignored"
Fab Deploy错误:“错误日志:[emerg] 8780#0:无效的服务器名称或通配符“ 0.0.0.0:80上的mydomain * .mydomain.com”” - Fab Deploy Error: '“Error log: [emerg] 8780#0: invalid server name or wildcard ”mydomain*.mydomain.com“ on 0.0.0.0:80”'
nginx:[emerg] socket()0.0.0.0:80在Docker上失败(13:权限被拒绝) - nginx: [emerg] socket() 0.0.0.0:80 failed (13: Permission denied) on Docker
Nginx 错误:bind() 到 0.0.0.0:80 失败。 没有权限 - Nginx- error: bind() to 0.0.0.0:80 failed. permission denied
(ubuntu) nginx: [emerg] bind() to 0.0.0.0:80 failed (13: permission denied) - (ubuntu) nginx: [emerg] bind() to 0.0.0.0:80 failed (13: permission denied)
Nginx为什么我的服务器在localhost上提供正确的内容而不是0.0.0.0 - Nginx Why does my server serve correct content on localhost but not 0.0.0.0
Nginx Rhel7 nginx 错误:[emerg] bind() to 0.0.0.0:80 failed (98: Address already in use) - Nginx error on Rhel7 nginx: [emerg] bind() to 0.0.0.0:80 failed (98: Address already in use)
相关标签