我有一个网站eg。 domain.net ,并在我的nginx/centos服务器上成功运行certbot/letsencrypt安装。使用proxy_pass会影响letsencrypt的安装吗?
该域的安全,看起来不错。现在我已经添加了一个幽灵博客到我想加密的网站,例如。 blog.domain.net。
此博客设置在与原始网站不同的根文件夹中,但设置在相同的服务器上。我在2000上使用proxy_pass来设置子域。
现在我已经改变了唯一的事情是我我的网站,提供的nginx中添加
location ~ /.well-known {
allow all;
}
到blog.domain.net.conf文件。 我也试图与无济于事:(
每当我每运行安装说明certbot,它输出这个错误添加此到conf.d/domain.net.conf文件中。
Failed authorization procedure. blog.domain.net (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://blog.domain.net/.well-known/acme-challenge/FVQmSHuCmeiOObPDOCiD2OFP8Ivvst5n2ZwIZoeXGU8: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: blog.domain.net
Type: unauthorized
Detail: Invalid response from
http://blog.domain.net/.well-known/acme-challenge/FVQmSHuCmeiOObPDOCiD2OFP8Ivvst5n2ZwIZoeXGU8:
"<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>
<hr><center>"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
任何帮助,非常感谢!
谢谢
- 编辑*
内内conf.d网站可用/ blog.domain.net.conf
server {
listen 80;
server_name blog.domain.net www.blog.domain.net;
# note that these lines are originally from the "location /" block
root /var/www/blog.domain.net/html;
index index.php index.html index.htm;
location/{
try_files $uri $uri/ =404;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:2000;
proxy_redirect off;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
代码代码/ blog.domain.net.conf
# upstream ghost {
# server 127.0.0.1:2000;
# }
server {
listen 80;
server_name blog.domain.net;
access_log /var/log/nginx/ghost.access.log;
error_log /var/log/nginx/ghost.error.log;
proxy_buffers 16 64k;
proxy_buffer_size 128k;
location ~ /.well-known {
/var/www/blog.domain.net/html;
}
location/{
proxy_pass http://127.0.0.1:2000;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
}
}
嗨@ sideeffect0! 感谢您的帮助!我试过你的建议,不幸的是它似乎没有改变任何东西:( 我已经发布了一个编辑我的问题与代理传递的代码在nginx/sites-available目录以及nginx/conf.d目录 – user3648969
首先'站点启用'目录用于处理活动nginx配置,运行nginx重新加载,并且还评论你如何运行let'sencrypt安装程序 –
这不是'网站启用',而是'站点可用'文件夹,虽然我猜他们是链接/链接的权利 反正,我运行sudo nginx -t,它给了我'/var/www/blog.domain.net/html“/etc/nginx/conf.d中的未知指令/blog.domain.net.conf' – user3648969