Redirect Nginx子域：重定向/。Let'的已知路径；s加密

我有一个运行着两个子域名的Nginx服务器。其中一个使用代理传递将所有内容重定向到Meteor应用程序，另一个子域仅使用Laravel，但目录与普通域不同

因此，当我启动

/letsencrypt auto

时，两个子域都会收到以下错误消息：

Failed authorization procedure. subdomain.mydomain.com (http-01): urn:acme:error:unauthorized ::
The client lacks sufficient authorization :: Invalid response from http://subdomain.mydomain.com/.well-known/acme-challenge/xyzxyzxy_xzyzxyxyyx_xyzyxzyxz: "<html>
<head><title>404 Not Found</title></head>
<body bgcolor="white">
<center><h1>404 Not Found</h1></center>

但它不起作用

my Meteor子域的配置：

server {
        listen 80;
        listen [::]:80;

        # SSL configuration
        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        […] SSL stuff […]


        server_name meteor.domain.com;

        location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header X-Forwarded-For $remote_addr;
        }

        location ~ /.well-known {
                allow all;
        }

}

server {
        listen 80;
        server_name laravel.domain.com;

        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        […] SSL stuff […]

        root /var/www/laravel/html;


        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }

    location ~ /.well-known {
                allow all;
        }

    location ~ \.(hh|php)$ {
        fastcgi_keep_conn on;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}    

my Laravel子域的配置：

server {
        listen 80;
        listen [::]:80;

        # SSL configuration
        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        […] SSL stuff […]


        server_name meteor.domain.com;

        location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header X-Forwarded-For $remote_addr;
        }

        location ~ /.well-known {
                allow all;
        }

}

server {
        listen 80;
        server_name laravel.domain.com;

        listen 443 ssl;
        listen [::]:443 ssl;

        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        […] SSL stuff […]

        root /var/www/laravel/html;


        location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }

    location ~ /.well-known {
                allow all;
        }

    location ~ \.(hh|php)$ {
        fastcgi_keep_conn on;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}    

---

您的

location~/。众所周知的
块是regex位置，将优先于您尝试添加的前缀位置

你需要删除它们

请参见
位置
指令。
好的，多亏了Richard Smith的提示，我解决了这个问题：

我将其保存在domain.com部分的配置部分中，如教程中所述

location / {
    try_files $uri $uri/ =404;
}

但将其放入subdomain.domain.com的配置部分：

location /.well-known/ {
    root /var/www/domain.com/html;
}

它所做的是将对subdomain.domain.com/.well-known/[anything]
的任何请求处理为
domain.com/.well-known/[anything]
，因此letsencrypt auto不会出错