[英]NGINX + Let's encrypt: Could not automatically find a matching server block
我正在 Ubuntu 18.04 服务器上发布一个使用 Python Pyramid 制作的网站。 该网站在 HTTP 上正常运行,现在我正在尝试按照这篇文章使其在 HTTPS 上运行,但是在尝试安装时我收到此消息:
IMPORTANT NOTES:
- Unable to install the certificate
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/dev.anything.com/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/dev.anything.com/privkey.pem
Your cert will expire on 2019-03-17. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"
这是我的配置文件,位于/etc/nginx/sites-available/snow_service.nginx
:
server {
listen 80;
listen 443 ssl;
server_name dev.anything.com
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
我也尝试用域名重命名文件,但效果不佳。 我手动输入的 ssl 证书的路径,因为我在 Stack Overflow 的另一个答案中看到了它。
我错过了什么? 谢谢你的帮助
这是解决方案:我正在更改sites-available
文件夹中的文件,而不是更改sites-enabled
文件夹中的文件。 这是最终的文件内容:
server {
listen 80 default_server;
server_name dev.anything.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name elglobe_snow_service
server_tokens off;
ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;
charset utf-8;
client_max_body_size 1M;
location /static {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
expires 1d;
}
location / {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
try_files $uri @yourapplication;
}
location @yourapplication {
gzip on;
gzip_buffers 8 256k;
uwsgi_buffers 8 256k;
server_tokens off;
include uwsgi_params;
proxy_set_header Host $host;
proxy_set_header real_scheme $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://127.0.0.1:8999;
}
}
启用站点中的文件应该只是指向可用站点中“真实”文件的链接。 您应该只编辑可用站点中的那些,然后运行
cd /etc/nginx/sites-enabled ln -s ../sites-available/your-site.conf
启用该站点。
如果您想禁用该站点,您可以删除已启用站点中的链接。
Certbot:无法自动找到匹配的服务器块
就我而言,他没有检测到我的/etc/nginx/site-available/my.domain.com
$certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please enter the domain name(s) you would like on your certificate (comma and/or
space separated) (Enter 'c' to cancel):
也试试这个
$ sudo certbot install --cert-name my.domain.com
Could not automatically find a matching server block for my.domain.com. Set the `server_name` directive to use the Nginx installer.
并尝试重新加载并重新启动 Nginx 和 cerbot 但仍然没有响应!
“解决方案”在site-available/new_my.domain.com
新建文件并再次生成符号链接ln -s /etc/nginx/site-available/new_my.domain.com /etc/nginx/site-enabled
然后重新启动 Nginx,希望它为您节省一天!
@syedasadrazadevops
我有同样的问题,它是因为 Nginx 配置文件名而发生的。 我为我的文件设置了错误的后缀(.com 而不是.conf)。 修复这个错误后,它就像一个魅力!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.