VPS侦探论坛

 找回密码
 注册
查看: 2244|回复: 8

lnmp1.9 安装自已的ssl 证书,无法访问https

[复制链接]
发表于 2022-11-27 12:25:21 | 显示全部楼层 |阅读模式

这两天,刚在raksmart这家买了个vps,装的系统是centos 7  然后安装lnmp1.9一键包,安装过程顺利。然后在绑定域名时,先上传申请好的腾讯云免费证书上去,两个文件,一个是abc.com_bundle.crt,另一个是abc.com.key,然后,再在绑定域名过程中指定这两个文件的位置:/usr/local/nginx/conf/vhost/abc.com_bundle.crt和/usr/local/nginx/conf/vhost/abc.com.key绑定好域名后,发现http://abc.com 可以正常访问了,但是https://abc.com却死活打不开,无法访问。请问这是什么原因呢?又重装了lnmp1.9一键包,又用了别的域名和证书来试,并且把系统防火墙也关了,仍然如此,这就奇怪了啊
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2022-11-27 12:50:41 | 显示全部楼层


配置文件没有,各种反馈必读要求的信息都没提供没法分析原因
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
 楼主| 发表于 2022-11-27 13:05:42 | 显示全部楼层

licess 发表于 2022-11-27 12:50
配置文件没有,各种反馈必读要求的信息都没提供没法分析原因

是这个吗?

安装过程:
Please enter domain(example: www.lnmp.org): www.abc.com
Your domain: www.abc.com
Enter more domain name(example: lnmp.org sub.lnmp.org):
domain list: www.abc.com
Please enter the directory for the domain: www.abc.com
Default directory: /home/wwwroot/www.abc.com:
Virtual Host Directory: /home/wwwroot/www.abc.com
Allow Rewrite rule? (y/n) n
You choose rewrite: none
Enable PHP Pathinfo? (y/n) n
Disable pathinfo.
Allow access log? (y/n) n
Disable access log.
Enable IPv6? (y/n) y
Enabled IPv6 Support in current Virtualhost.
Create database and MySQL user with same name (y/n) n
Add SSL Certificate (y/n) y
1: Use your own SSL Certificate and Key
2: Use Let's Encrypt to create SSL Certificate and Key
3: Use BuyPass to create SSL Certificate and Key
4: Use ZeroSSL to create SSL Certificate and Key
Enter 1, 2, 3 or 4: 1
Please enter full path to SSL Certificate file: /usr/local/nginx/conf/vhost/abc.com_bundle.crt
Please enter full path to SSL Certificate Key file: /usr/local/nginx/conf/vhost/abc.com.key
Using 301 to Redirect HTTP to HTTPS? (y/n) n
DO not setting 301 Redirect.

Press any key to start create virtul host...
dCreate Virtul Host directory......
set permissions of Virtual Host directory......
You select the exist rewrite rule:/usr/local/nginx/conf/rewrite/none.conf
Test Nginx configure file......
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......
Reload service php-fpm  done
Create dhparam.pem...
Generating DH parameters, 2048 bit long safe prime, generator 2
This is going to take a long time
.........................................................................................+..........................................................................................+..................................................+..........................+...................................................................................+...............................................................................+.....................................................+....................................+.........................................................................................................................+.......................................................................................+.............................................................................................................................................................................................+...........................................................................................................+..........................+.................................................................................................................................+.............................................................................................................................................................................+....................................+..........................................+..................................................+............+................+........+...........................................................+...............................................................................+................................................................+..........................................+.......................................................................................................................................................................+..................................................................................................................................+................................................................................................................................................................................................................................................................................................................................................................................................................................+...........................................+......................+.........................................................................................................................................................................+...........................................................................................................................................................................................................................................................................................................+..++*++*
Test Nginx configure file......
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
Reload Nginx......
================================================
Virtualhost infomation:
Your domain: www.abc.com
Home Directory: /home/wwwroot/www.abc.com
Rewrite: none
Enable log: no
Create database: no
Create ftp account: no
Enable SSL: yes
  =>Certificate file
IPv6 Support: Enabled
================================================
[root@wang004 ~]#


域名配置:
server
    {
        listen 80;
        listen [::]:80;
        server_name www.abc.com ;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/www.abc.com;

        include rewrite/none.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log off;
    }

server
    {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        server_name www.abc.com ;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/www.abc.com;

        ssl_certificate /usr/local/nginx/conf/vhost/abc.com_bundle.crt;
        ssl_certificate_key /usr/local/nginx/conf/vhost/abc.com.key;
        ssl_session_timeout 5m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_prefer_server_ciphers on;
        ssl_ciphers "TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5";
        ssl_session_cache builtin:1000 shared:SSL:10m;
        # openssl dhparam -out /usr/local/nginx/conf/ssl/dhparam.pem 2048
        ssl_dhparam /usr/local/nginx/conf/ssl/dhparam.pem;

        include rewrite/none.conf;
        #error_page   404   /404.html;

        # Deny access to PHP files in specific directory
        #location ~ /(wp-content|uploads|wp-includes|images)/.*\.php$ { deny all; }

        include enable-php.conf;

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
        }

        location ~ /.well-known {
            allow all;
        }

        location ~ /\.
        {
            deny all;
        }

        access_log off;
    }


美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
 楼主| 发表于 2022-11-27 17:47:33 | 显示全部楼层



晕了,搞了两天了,刚刚才发觉,原来是这个vps ip的443端口被墙,以致https死活访问不了。换了个ip后马上可以了。
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
发表于 2023-1-11 10:37:10 | 显示全部楼层

一般都封杀这个端口!!

军哥运维代购:http://shop63846532.taobao.com/

发表于 2023-1-11 13:40:44 | 显示全部楼层

境外VPS就怕这个!
发表于 2023-4-9 03:50:46 | 显示全部楼层

我今天也碰到一个问题443端口不能访问域名,但是80端口反而可以,真是奇怪了。请问哥们您是怎么解决这个问题的啊?可否交流交流,留一个联系方式啊。
美国VPS推荐: 遨游主机LinodeLOCVPS主机云搬瓦工80VPSVultr美国VPS主机中国VPS推荐: 阿里云腾讯云。LNMP付费服务(代装/问题排查)QQ 503228080
发表于 2023-4-9 03:52:20 | 显示全部楼层

@明明小子。哥们我换了IP也不行啊 奇怪的。
Linux下Nginx+MySQL+PHP自动安装工具:https://lnmp.org
发表于 2023-4-10 08:26:27 | 显示全部楼层


65304 发表于 2023-4-9 03:50
我今天也碰到一个问题443端口不能访问域名,但是80端口反而可以,真是奇怪了。请问哥们您是怎么解决这个问 ...

最简单的判断方法,用tcping或curl访问你ip的指定端口,国外访问通,国内访问不通就是被qiang了

军哥运维代购:http://shop63846532.taobao.com/

您需要登录后才可以回帖 登录 | 注册

本版积分规则

小黑屋|手机版|Archiver|VPS侦探 ( 鲁ICP备16040043号-1 )

GMT+8, 2024-11-23 18:16 , Processed in 0.029521 second(s), 19 queries .

Powered by Discuz! X3.4

© 2001-2023 Discuz! Team.

快速回复 返回顶部 返回列表