Fatal编程技术网
  • nginx/
  • 如何使用certbot for HTTPS将www重定向到非www&;nginx

如何使用certbot for HTTPS将www重定向到非www&;nginx

nginx https

如何使用certbot for HTTPS将www重定向到非www&;nginx,nginx,https,ssl-certificate,nginx-config,certbot,Nginx,Https,Ssl Certificate,Nginx Config,Certbot,我正在尝试将www重定向到非www,但它不起作用。我试过类似问题的各种答案,但都不起作用 我有3个域的SSL证书,分别是example.com、www.example.com和admin.example.com 这是我当前的配置,适用于非www和admin,但www.example.com不起作用 # HTTP - redirect all requests to HTTPS server { listen 80; listen [::]:80; return 301 h

我正在尝试将www重定向到非www,但它不起作用。我试过类似问题的各种答案,但都不起作用

我有3个域的SSL证书,分别是
example.com
www.example.com
admin.example.com

这是我当前的配置,适用于非www和admin,但www.example.com不起作用

# HTTP - redirect all requests to HTTPS
server {
    listen 80;
    listen [::]:80;
    return 301 https://$host$request_uri;
}

# Redirect to non-www
server {
    server_name www.example.com;
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    return 301 https://example.com$request_uri;
}

# non-www
server {

    server_name example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
# CMS
server {

    server_name admin.example.com;

    location / {
        proxy_pass http://localhost:1337;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
我使用DigitalOcean,其中管理员和非www都指向我的液滴,而www.example.com有一个指向example.com(非www)的CNAME记录。

首先,www.example.com和example.com应该位于一个服务器块中

其次,您需要将其添加到您的
#非www
服务器配置博客中

if ($host = 'www.example.com') {
        return 301 https://example.com$request_uri;
}
第三,要将所有请求重定向到HTTPS,必须在
#HTTP-将所有请求重定向到HTTPS
块中添加
服务器名称

最后,您的NGINX配置文件如下所示


# HTTP - redirect all requests to HTTPS
server {
    server_name example.com www.example.com admin.example.com;
    listen 80;
    listen [::]:80;
    return 301 https://$host$request_uri;
}

# non-www
server {

    server_name example.com www.example.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    if ($host = 'www.example.com') {
        return 301 https://example.com$request_uri;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
# CMS
server {

    server_name admin.example.com;

    location / {
        proxy_pass http://localhost:1337;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.se/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.se/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}


更新NGINX配置文件后,请重新启动NGINX:


$ sudo systemctl restart nginx