我需要为我的Rails应用程序之一configurationnginx来通过SSL路由一些页面,但面临configuration问题。
我有一个SSL证书,通用名是example.com ,我的网站是从www.example.com路由到example.com
这是我的nginx.conf:
upstream unicorn { server unix:/tmp/unicorn.sock fail_timeout=0; } server { listen 80; server_name www.example.com; return 301 $scheme://example.com$request_uri; } server { listen 443 ssl; server_name example.com; #return 301 $scheme://example.com$request_uri; ssl on; ssl_certificate /certificate path; ssl_certificate_key /key path; } server { listen 80 default_server; ssl_certificate /certificate path; ssl_certificate_key /key path; root /public directory; try_files $uri/index.html $uri @unicorn; location @unicorn { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://unicorn; } client_max_body_size 50M; } 我已经尝试了不同的configuration,但没有任何工作。 任何build议,将不胜感激。 在此先感谢。
我的问题已经通过下面的修改得到解决,回答这个问题可能会帮助别人:
default_server块中删除了ssl_certificate和ssl_certificate_key 。 ssl_protocols和ssl_ciphers添加到SSL服务器块 修改后的configuration如下图所示:
upstream unicorn { server unix:/tmp/unicorn.sock fail_timeout=0; } server { listen 80; server_name www.example.com; return 301 $scheme://example.com$request_uri; } server { listen 80 default_server; root /example.com/current/public; try_files $uri/index.html $uri @unicorn; ...... } server { listen 443 ssl; server_name example.com www.example.com; ssl on; ssl_certificate /example.com.crt; ssl_certificate_key /example.com.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; ...... }