Fatal编程技术网
  • ssl/
  • Ssl NGINX+;让';s encrypt:无法自动找到匹配的服务器块

Ssl NGINX+;让';s encrypt:无法自动找到匹配的服务器块

ssl nginx

Ssl NGINX+;让';s encrypt:无法自动找到匹配的服务器块,ssl,nginx,lets-encrypt,nginx-config,certbot,Ssl,Nginx,Lets Encrypt,Nginx Config,Certbot,我正在Ubuntu 18.04服务器上发布一个用PythonPyramid制作的网站。该网站在HTTP上正常运行,现在我尝试通过以下方式使其在HTTPS上运行,但在尝试安装时,我收到以下消息: IMPORTANT NOTES: - Unable to install the certificate - Congratulations! Your certificate and chain have been saved at: /etc/letsencrypt/live/dev.any

我正在Ubuntu 18.04服务器上发布一个用PythonPyramid制作的网站。该网站在HTTP上正常运行,现在我尝试通过以下方式使其在HTTPS上运行,但在尝试安装时,我收到以下消息:

IMPORTANT NOTES:
 - Unable to install the certificate
 - Congratulations! Your certificate and chain have been saved at:
   /etc/letsencrypt/live/dev.anything.com/fullchain.pem
   Your key file has been saved at:
   /etc/letsencrypt/live/dev.anything.com/privkey.pem
   Your cert will expire on 2019-03-17. To obtain a new or tweaked
   version of this certificate in the future, simply run certbot again
   with the "certonly" option. To non-interactively renew *all* of
   your certificates, run "certbot renew"
这是我的配置文件,位于
/etc/nginx/sites available/snow\u service.nginx

server {
    listen 80;
    listen 443 ssl;
    server_name dev.anything.com
    server_tokens off;
    ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;

    charset utf-8;
    client_max_body_size 1M;

    location /static {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
        expires 1d;
    }
    location / {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        try_files $uri @yourapplication;
    }
    location @yourapplication {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        server_tokens off;
        include uwsgi_params;
        proxy_set_header Host $host;
        proxy_set_header real_scheme $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://127.0.0.1:8999;
    }
}
我还尝试用域名重命名该文件,但效果不太好。 我手动放置ssl证书的路径,因为我在堆栈溢出的另一个答案中看到了它

我错过了什么?感谢您的帮助

以下是解决方案: 我正在更改
站点可用
文件夹中的文件,而没有更改
站点启用
文件夹中的文件。这是最终文件内容:

server {
    listen 80 default_server;
    server_name dev.anything.com;
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    server_name elglobe_snow_service
    server_tokens off;

    ssl_certificate /etc/letsencrypt/live/dev.anything.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.anything.com/privkey.pem;

    charset utf-8;
    client_max_body_size 1M;

    location /static {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        alias /webapps/englobe_snow_pyramid_rest_api/pyramid_rest_api/static;
        expires 1d;
    }
    location / {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        try_files $uri @yourapplication;
    }
    location @yourapplication {
        gzip            on;
        gzip_buffers    8 256k;
        uwsgi_buffers   8 256k;

        server_tokens off;
        include uwsgi_params;
        proxy_set_header Host $host;
        proxy_set_header real_scheme $scheme;
        proxy_set_header X-Forwarded-Protocol $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://127.0.0.1:8999;
    }
}
启用的站点中的文件应该只是指向可用站点中“真实”文件的链接。 您应该只编辑可用站点中的,然后运行

cd/etc/nginx/已启用站点 ln-s../sites available/your-site.conf

以启用该站点

如果要禁用站点,只需删除已启用站点中的链接。

确切路径是什么?