我在Ubuntu Server 14.04上有最新的nginx版本。 我主持了一些域名,现在我正在尝试在所有域名上实现letsencrypt。 我已经有一个带有comodo证书的域名,我们称之为domainone.com ,工作得很好。 我已经build立了第二个域名, domaintwo.com``` with letsencrypt, but when I try to access the说domaintwo.com``` with letsencrypt, but when I try to access the via HTTPS I get the content from domaintwo.com``` with letsencrypt, but when I try to access the domaintwo.com时via HTTPS I get the content from domainone.com` via HTTPS I get the content from并且发出了一个无效的证书警告。
这里是两个域的nginxconfiguration:
domainone.com:
server { listen 80; server_name domainone.com www.domainone.com; rewrite ^ https://www.domainone.com$request_uri? permanent; } server { listen 443 ssl http2; server_name domainone.com www.domainone.com; root /usr/share/nginx/domainone.com/html; index index.php index.html index.htm; include /etc/nginx/snippets/ssl-params.conf; include /etc/nginx/snippets/ssl-domainone.com.conf; if ($scheme = http) { return 301 https://$server_name$request_uri; } location / { try_files $uri $uri/ /index.php?$args; } location ~ /.well-known { allow all; } ... }
domaintwo.com:
server { listen 80; listen [::]:80; server_name domaintwo.com www.domaintwo.com; return 301 https://www.domaintwo.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; include /etc/nginx/snippets/ssl-domaintwo.com.conf; include /etc/nginx/snippets/ssl-params.conf; root /usr/share/nginx/domaintwo.com/html; index index.php index.html index.htm; location ~ /.well-known { allow all; } ... }
Nginx版本:
$ nginx -V nginx version: nginx/1.10.1 built with OpenSSL 1.0.1f 6 Jan 2014 TLS SNI support enabled ...
我错过了什么?
您的domaintwo.com服务器没有server_name声明:
server_name domaintwo.com www.domaintwo.com;
因为这个Nginx在HTTPS请求进来时select了支持HTTPS的第一个域。
我有一个关于Nginx / Let's Encrypt的教程可能是有用的。