如何解决Nginx 顶级域有详细说明子域的 ssl 错误
出于某种原因,当我导航到 http://mydomain.me/s1 时,我收到一个 Your connection isn't private 警告,带有 NET::ERR_CERT_COMMON_NAME_INVALID 和主题:homeassistant.mydomain.me
但我希望在 127.0.0.1:8081 看到网站,就像我去 chivers.me/ 看到网站在 127.0.0.1:8080
为什么会这样?
mydomain.me:
server {
listen 80 ;
server_name mydomain.me;
location / {
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location /s1/ {
proxy_pass http://127.0.0.1:8081/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
homeassistant.mydomain.me:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
server_name homeassistant.mydomain.me;
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name homeassistant.mydomain.me;
ssl_certificate /etc/letsencrypt/live/homeassistant.mydomain.me/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/homeassistant.mydomain.me/privkey.pem;
ssl_dhparam /etc/Nginx/ssl/dhparams.pem;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
ssl_protocols TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
proxy_buffering off;
location / {
proxy_pass http://my-home-assistant.url:8123;
proxy_set_header Host $host;
proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
subdom1.mydomain.me:
server {
listen 80;
server_name subdom1.mydomain.me;
location / {
proxy_pass http://another-url.co.uk/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。
