Nginx 如何在1个数字海洋水滴上拥有多个域共享自我证书ssl证书

我创建了如下证书： 以下步骤来自：

使用我的域示例：

• 通用名称（例如服务器FQDN或您的姓名）：

在文章中，它说我只能有一个默认服务器，我假设self-cert可以使用它

假设我的nginx上有两个网站，如下所示：

/etc/nginx/sites available/examplesite1.com

/etc/nginx/sites available/examplesite2.com

两者都使用如下配置：（第二个示例为examplesite2.com）

注意，在本例中，我将转发到代理服务器node.js

server {
  listen 80;
  server_name examplesite1.com www.examplesite1.com;
  return 301 https://$server_name$request_uri;
  client_max_body_size 10G;
  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:8000;
    proxy_set_header Host $http_host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off;
  }
}
server {
    # SSL configuration
    server_name www.examplesite1.com www.www.examplesite1.com;
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl http2 default_server;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;
}

适当设置符号链接：

ln -s /etc/nginx/sites-available/examplesite1.com /etc/nginx/sites-enabled/examplesite1.com
ln -s /etc/nginx/sites-available/examplesite2.com /etc/nginx/sites-enabled/examplesite2.com

如果我将“default_server”更改为我的url，它将破坏nginx配置

  listen 443 ssl http2 www.examplesite1.com;

错误 nginx:[emerg]在/etc/nginx/sites enabled/examplesite1.com中的参数“www.examplesite1.com”无效：18 nginx:配置文件/etc/nginx/nginx.conf测试失败

问题是，如果我像这样保留默认服务器，它就不会将代理转发到我的nginx服务器，而是转到我的默认服务器，这是我不需要的nginx index.html登录页。

我意识到了我的错误 此代码在第一个服务器块中从未到达，因此需要进入listen:443服务器块：

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:8000;
    proxy_set_header Host $http_host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off;
  }

对default_server的引用没有破坏它，但我已经删除了它

现已更新：

server {
  listen 80;
  server_name examplesite1.com www.examplesite1.com;
  # redirect to https
  return 301 https://$server_name$request_uri;
}
server {
    # SSL configuration
    server_name examplesite1.com www.examplesite1.com;

    # remove redirect and replae with proxy stuff here...
    listen 443 ssl;
    listen [::]:443 ssl;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;
    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-NginX-Proxy true;
      proxy_pass http://localhost:8000;
      proxy_set_header Host $http_host;
      proxy_cache_bypass $http_upgrade;
      proxy_redirect off;
    }
}

我意识到我的错误 此代码在第一个服务器块中从未到达，因此需要进入listen:443服务器块：

  location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:8000;
    proxy_set_header Host $http_host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off;
  }

对default_server的引用没有破坏它，但我已经删除了它

现已更新：

server {
  listen 80;
  server_name examplesite1.com www.examplesite1.com;
  # redirect to https
  return 301 https://$server_name$request_uri;
}
server {
    # SSL configuration
    server_name examplesite1.com www.examplesite1.com;

    # remove redirect and replae with proxy stuff here...
    listen 443 ssl;
    listen [::]:443 ssl;
    include snippets/self-signed.conf;
    include snippets/ssl-params.conf;
    location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-NginX-Proxy true;
      proxy_pass http://localhost:8000;
      proxy_set_header Host $http_host;
      proxy_cache_bypass $http_upgrade;
      proxy_redirect off;
    }
}