时间戳

首页 > 解决方案 > NGINX 多个 SSL 证书,具有一个 ip、不同的根和域

nginx - NGINX 多个 SSL 证书,具有一个 ip、不同的根和域

问题描述

我正在尝试使用两个域配置 nginx,每个域都有不同的 ssl 证书和不同的根位置。以下代码显示了两次完全相同的内容。domain1.com 应该去 /home/ubuntu/web/html/domain1 并且应该使用这个:/etc/letsencrypt/live/domain1.com/fullchain.pem 证书。domain2.com 应该去 /home/ubuntu/web/html/domain2 并使用这个 /etc/letsencrypt/live/domain2.com/fullchain.pem 证书。

我尝试了以下方法:

server {  
    listen 80;
    server_name  www.domain1.com;
    return       301 https://domain1.com$request_uri;
}

server {
    listen 80;
    server_name  domain1.com;
    return       301 https://domain1.com$request_uri;
}

server {
    listen 443;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/domain1.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain1.com/privkey.pem;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";

    root /home/ubuntu/web/html/domain1;
    index index.php index.html index.htm;

    server_name domain1.com, www.domain1.com;

    location / {
        try_files $uri $uri/ $uri.html $uri.php?$query_string;
    }


    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_param MAGE_MODE "developer";
    }

}


server {  
    listen 80;
    server_name  www.domain2.com;
    return       301 https://domain2.com$request_uri;
}

server {
    listen 80;
    server_name  domain2.com;
    return       301 https://domain2.com$request_uri;
}

server {
    listen 443;
    ssl on;
    ssl_certificate /etc/letsencrypt/live/domain2.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/domain2.com/privkey.pem;

    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";

    root /home/ubuntu/web/html/domain2;
    index index.php index.html index.htm;

    server_name domain2.com, www.domain2.com;

    location / {
        try_files $uri $uri/ $uri.html $uri.php?$query_string;
    }


    error_page 404 /404.html;

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_param MAGE_MODE "developer";
    }

}

事实证明,始终选择一个服务器块作为默认值,并且也用于另一个域。

添加额外的默认服务器也不起作用。

标签: nginx

解决方案

推荐阅读