lnmp1.9 安装自已的ssl 证书,无法访问https
这两天,刚在raksmart这家买了个vps,装的系统是centos 7然后安装lnmp1.9一键包,安装过程顺利。然后在绑定域名时,先上传申请好的腾讯云免费证书上去,两个文件,一个是abc.com_bundle.crt,另一个是abc.com.key,然后,再在绑定域名过程中指定这两个文件的位置:/usr/local/nginx/conf/vhost/abc.com_bundle.crt和/usr/local/nginx/conf/vhost/abc.com.key绑定好域名后,发现http://abc.com 可以正常访问了,但是https://abc.com却死活打不开,无法访问。请问这是什么原因呢?又重装了lnmp1.9一键包,又用了别的域名和证书来试,并且把系统防火墙也关了,仍然如此,这就奇怪了啊配置文件没有,各种反馈必读要求的信息都没提供没法分析原因 licess 发表于 2022-11-27 12:50
配置文件没有,各种反馈必读要求的信息都没提供没法分析原因
是这个吗?
安装过程:
Please enter domain(example: www.lnmp.org): www.abc.com
Your domain: www.abc.com
Enter more domain name(example: lnmp.org sub.lnmp.org):
domain list: www.abc.com
Please enter the directory for the domain: www.abc.com
Default directory: /home/wwwroot/www.abc.com:
Virtual Host Directory: /home/wwwroot/www.abc.com
Allow Rewrite rule? (y/n) n
You choose rewrite: none
Enable PHP Pathinfo? (y/n) n
Disable pathinfo.
Allow access log? (y/n) n
Disable access log.
Enable IPv6? (y/n) y
Enabled IPv6 Support in current Virtualhost.
Create database and MySQL user with same name (y/n) n
Add SSL Certificate (y/n) y
1: Use your own SSL Certificate and Key
2: Use Let's Encrypt to create SSL Certificate and Key
3: Use BuyPass to create SSL Certificate and Key
4: Use ZeroSSL to create SSL Certificate and Key
Enter 1, 2, 3 or 4: 1
Please enter full path to SSL Certificate file: /usr/local/nginx/conf/vhost/abc.com_bundle.crt
Please enter full path to SSL Certificate Key file: /usr/local/nginx/conf/vhost/abc.com.key
Using 301 to Redirect HTTP to HTTPS? (y/n) n
DO not setting 301 Redirect.
Press any key to start create virtul host...
dCreate Virtul Host directory......
set permissions of Virtual Host directory......
You select the exist rewrite rule:/usr/local/nginx/conf/rewrite/none.conf
Test Nginx configure file......
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......
Reload service php-fpmdone
Create dhparam.pem...
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
.........................................................................................+..........................................................................................+..................................................+..........................+...................................................................................+...............................................................................+.....................................................+....................................+.........................................................................................................................+.......................................................................................+.............................................................................................................................................................................................+...........................................................................................................+..........................+.................................................................................................................................+.............................................................................................................................................................................+....................................+..........................................+..................................................+............+................+........+...........................................................+...............................................................................+................................................................+..........................................+.......................................................................................................................................................................+..................................................................................................................................+................................................................................................................................................................................................................................................................................................................................................................................................................................+...........................................+......................+.........................................................................................................................................................................+...........................................................................................................................................................................................................................................................................................................+..++*++*
Test Nginx configure file......
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......
================================================
Virtualhost infomation:
Your domain: www.abc.com
Home Directory: /home/wwwroot/www.abc.com
Rewrite: none
Enable log: no
Create database: no
Create ftp account: no
Enable SSL: yes
=>Certificate file
IPv6 Support: Enabled
================================================
#
域名配置:
server
{
listen 80;
listen [::]:80;
server_name www.abc.com ;
index index.html index.htm index.php default.html default.htm default.php;
root/home/wwwroot/www.abc.com;
include rewrite/none.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
server
{
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.abc.com ;
index index.html index.htm index.php default.html default.htm default.php;
root/home/wwwroot/www.abc.com;
ssl_certificate /usr/local/nginx/conf/vhost/abc.com_bundle.crt;
ssl_certificate_key /usr/local/nginx/conf/vhost/abc.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
ssl_session_cache builtin:1000 shared:SSL:10m;
# openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;
include rewrite/none.conf;
#error_page 404 /404.html;
# Deny access to PHP files in specific directory
#location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }
include enable-php.conf;
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
access_log off;
}
晕了,搞了两天了,刚刚才发觉,原来是这个vps ip的443端口被墙,以致https死活访问不了。换了个ip后马上可以了。 一般都封杀这个端口!! 境外VPS就怕这个! 我今天也碰到一个问题443端口不能访问域名,但是80端口反而可以,真是奇怪了。请问哥们您是怎么解决这个问题的啊?可否交流交流,留一个联系方式啊。 @明明小子。哥们我换了IP也不行啊 奇怪的。 65304 发表于 2023-4-9 03:50
我今天也碰到一个问题443端口不能访问域名,但是80端口反而可以,真是奇怪了。请问哥们您是怎么解决这个问 ...
最简单的判断方法,用tcping或curl访问你ip的指定端口,国外访问通,国内访问不通就是被qiang了
页:
[1]