配置 ssl 出现了问题： chrome 军哥，浏览器显示 www.mydomain.com 将您重定向的次数过多

fasefe · 发表于 2017-4-7 18:57:25

环境： lnmp,申请了免费的腾讯 ssl 证书
我的 nginx.conf 配置如下：

user www www;
worker_processes auto;
error_log /home/wwwlogs/nginx_error.log crit;
pid /usr/local/nginx/logs/nginx.pid;
#Specifies the value for maximum file descriptors that can be opened by this process. worker_rlimit_nofile 51200;
events { use epoll; worker_connections 51200; multi_accept on; }
http {
map $http_cf_ipcountry $allow {
default yes;
CN yes;
RU no;
US yes;
}
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 128;
client_header_buffer_size 32k;
large_client_header_buffers 4 32k;
client_max_body_size 50m;
sendfile on;
tcp_nopush on;
keepalive_timeout 60;
tcp_nodelay on;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_buffer_size 64k;
fastcgi_buffers 4 64k;
fastcgi_busy_buffers_size 128k;
fastcgi_temp_file_write_size 256k;
gzip on;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
#limit_conn_zone $binary_remote_addr zone=perip:10m;
##If enable limit_conn_zone,add "limit_conn perip 10;" to server section.
server_tokens off;
access_log off;
server {
listen 80;
server_name www.mydomain.com;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://www.mydomain.com$request_uri;
}
server{
if ($allow = no) {
return 403;
}
location ~ /.well-known {
allow all;
}
listen 443 default ssl;
#listen [::]:80 default_server ipv6only=on;
server_name www.mydomain.com;
ssl_certificate /usr/local/nginx/conf/1_www.mydomain.com_bundle.crt;
ssl_certificate_key /usr/local/nginx/conf/2_www.mydomain.com.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
ssl_prefer_server_ciphers on;
index index.html index.htm index.php;
root /home/wwwroot/default;
#error_page 404 /404.html;
include enable-php.conf;
location /nginx_status
{
stub_status on;
access_log off;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}
location ~ .*\.(js|css)?$
{
expires 12h;
}
location ~ /\.
{
deny all;
}
access_log /home/wwwlogs/access.log;
}
include vhost/*.conf; }

复制代码

参考了教程： https://www.v2ex.com/t/275074?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io
和 https://www.qcloud.com/document/product/400/4143#2.-nginx-.E8.AF.81.E4.B9.A6.E9.83.A8.E7.BD.B2
重启： lnmp nginx restart 出现警告：
toping nginx... nginx: [warn] conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored

[ 本帖最后由 fasefe 于 2017-4-7 18:59 编辑 ]

licess · 发表于 2017-4-8 09:12:20

该域名添加了多次

fasefe · 发表于 2017-4-8 21:07:44

怎么改呢军哥？ /usr/local/nginx/conf/nginx.conf  里面的这个配置是否正确？另外我发现了/home/Richel/lnmp1.3-full/conf/nginx.conf 还有一个nginx.conf，这个文件做什么用的？里面的配置是：

user  www www;

worker_processes auto;

error_log  /home/wwwlogs/nginx_error.log  crit;

pid       /usr/local/nginx/logs/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
{
      use epoll;
      worker_connections 51200;
      multi_accept on;
}

http
{
      geoip_country /usr/share/GeoIP/GeoIP.dat;
      map $geoip_country_code $allowed_country {
      default no;
      FK yes;
      FM yes;
      EH yes;
      }
      include    mime.types;
      default_type  application/octet-stream;
client_header_buffer_size 32k;
      large_client_header_buffers 4 32k;
      client_max_body_size 50m;

      sendfile on;
      tcp_nopush on;

      keepalive_timeout 60;

      tcp_nodelay on;

      fastcgi_connect_timeout 300;
      fastcgi_send_timeout 300;
      fastcgi_read_timeout 300;
      fastcgi_buffer_size 64k;
      fastcgi_buffers 4 64k;
      fastcgi_busy_buffers_size 128k;
      fastcgi_temp_file_write_size 256k;

      gzip on;
      gzip_min_length  1k;
      gzip_buffers    4 16k;
      gzip_http_version 1.1;
      gzip_comp_level 2;
      gzip_types    text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/xml+rss;
      gzip_vary on;
      gzip_proxied expired no-cache no-store private auth;
      gzip_disable "MSIE [1-6]\.";
server
{
         if ($allowed_country = no) {
         return 403;
   }
      if ($http_cf_ipcountry = CN){
      return 403;
      }

      listen 80 default_server;
      #listen [::]:80 default_server ipv6only=on;
      server_name www.lnmp.org;
      index index.html index.htm index.php;
      root  /home/wwwroot/default;

      #error_page 404 /404.html;
      include enable-php.conf;

      location /nginx_status
      {
         stub_status on;
         access_log off;
      }

      location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
      {
         expires    30d;
      location ~ .*\.(js|css)?$
      {
         expires    12h;
      }

      location ~ /\.
      {
         deny all;
      }

      access_log  /home/wwwlogs/access.log;
}
include vhost/*.conf;
}

问题可能出现在这里面吗？看到servername  www.lnmp.org ？？？
并且我在服务器上野找不到vhost文件夹，include里面也没有啊？一般情况下vhost会放在什么地方？

fasefe · 发表于 2017-4-8 21:25:52

输入了命令：lnmp vhost list :
Domain: www.mydomain.com has been deleted.
Website files will not be deleted for security reasons.
You need to manually delete the website files.

原因是否出现在这里？website files 在哪里？里面有配置2次域名的conf文件吗？

fasefe · 发表于 2017-4-8 21:59:41

军哥现在我重启lnmp nginx restart没有这个警告了conflicting server name "www.mydomain.com" on 0.0.0.0:80, ignored
但是依然是www.mydomain.com 将您重定向的次数过多。网站现在是无法打开的状态，输入服务器ip会自动跳转到https:www.mydomain.com

licess · 发表于 2017-4-9 09:45:18

有可能是程序上还有301的设置

		自动登录	找回密码
密码			注册

配置 ssl 出现了问题： chrome 军哥，浏览器显示 www.mydomain.com 将您重定向的次数过多

回复 2# 的帖子

回复 2# 的帖子

军哥运维代购：http://shop63846532.taobao.com/

回复 5# 的帖子