NGINX + 让我们加密:无法自动找到匹配的服务器块
[英]NGINX + Let's encrypt: Could not automatically find a matching server block
问题描述
我正在 Ubuntu 18.04 服务器上发布一个使用 Python Pyramid 制作的网站。 该网站在 HTTP 上正常运行,现在我正在尝试按照这篇文章使其在 HTTPS 上运行,但是在尝试安装时我收到此消息:
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dev.anything.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dev.anything.com/privkey.pem
Your cert will expire on 2019-03-17. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
这是我的配置文件,位于/etc/nginx/sites-available/snow_service.nginx :
server {
listen 80;
listen 443 ssl;
server_name dev.anything.com
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
我也尝试用域名重命名文件,但效果不佳。 我手动输入的 ssl 证书的路径,因为我在 Stack Overflow 的另一个答案中看到了它。
我错过了什么? 谢谢你的帮助
4 个解决方案
解决方案1
5 2018-12-18 12:15:15
这是解决方案:我正在更改sites-available文件夹中的文件,而不是更改sites-enabled文件夹中的文件。 这是最终的文件内容:
server {
listen 80 default_server;
server_name dev.anything.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name elglobe_snow_service
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
解决方案2
4 2020-07-16 19:43:48
启用站点中的文件应该只是指向可用站点中“真实”文件的链接。 您应该只编辑可用站点中的那些,然后运行
cd /etc/nginx/sites-enabled ln -s ../sites-available/your-site.conf
启用该站点。
如果您想禁用该站点,您可以删除已启用站点中的链接。
解决方案3
0 2022-08-31 08:14:25
Certbot:无法自动找到匹配的服务器块
就我而言,他没有检测到我的/etc/nginx/site-available/my.domain.com
$certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel):
也试试这个
$ sudo certbot install --cert-name my.domain.com
Could not automatically find a matching server block for my.domain.com. Set the `server_name` directive to use the Nginx installer.
并尝试重新加载并重新启动 Nginx 和 cerbot 但仍然没有响应!
“解决方案”在site-available/new_my.domain.com新建文件并再次生成符号链接ln -s /etc/nginx/site-available/new_my.domain.com /etc/nginx/site-enabled
然后重新启动 Nginx,希望它为您节省一天!
@syedasadrazadevops
解决方案4
0 2022-09-24 07:39:36
我有同样的问题,它是因为 Nginx 配置文件名而发生的。 我为我的文件设置了错误的后缀(.com 而不是.conf)。 修复这个错误后,它就像一个魅力!
如何使用Let's Encrypt和Nginx在SSL实验室测试中获得“此服务器更喜欢ChaCha20”的描述?
[英]How to get a “This server prefers ChaCha20” description on SSL Labs test with Let's Encrypt and Nginx?
对 Nginx 通配符处理的子域使用 Let's Encrypt
[英]Using Let's Encrypt with subdomains handled by Nginx's wildcard
如何配置让我们在docker镜像中为nginx加密证书?
[英]How to configure Let's encrypt certificates for nginx inside a docker image?
续订让我们在多个NGINX反向代理实例中加密证书
[英]Renewal Let's Encrypt certificate in multiple NGINX reverse proxy instances
Prestashop + NGINX +让我们加密:SSL在搜索栏中显示为不安全
[英]Prestashop + NGINX + Let's Encrypt: SSL shows as not secure in search bar
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
让我们加密自动续订时出错(Nginx)
如何使用Let's Encrypt和Nginx在SSL实验室测试中获得“此服务器更喜欢ChaCha20”的描述?
对 Nginx 通配符处理的子域使用 Let's Encrypt
创建一个开发服务器,就像让我们加密一样
让我们为服务器加密并为客户端证书使用OpenSSL
如何配置让我们在docker镜像中为nginx加密证书?
续订让我们在多个NGINX反向代理实例中加密证书
Prestashop + NGINX +让我们加密:SSL在搜索栏中显示为不安全
SSL让我们加密安装在AWS EC2的NGINX上不起作用
让我们在nginx上用mongod加密ssl更新的cron jobs
相关标签