有一个问题,当我尝试访问https://betterexaminations.ie ,我得到连接拒绝,但当我尝试的IP,它工作正常,(https://)46.137.41.29。
任何想法可能是什么问题?
在这里我的nginxconfiguration:
worker_processes 1; #error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events { worker_connections 1024; } http { passenger_root /var/lib/gems/1.8/gems/passenger-3.0.12; passenger_ruby /usr/bin/ruby1.8; server { listen 443; server_name betterexaminations.ie; root /var/rails/papers/public/; passenger_enabled on; ssl on; ssl_certificate /var/rails/papers/certs/csr/thawte/certificate.bundle.cert; ssl_certificate_key /var/rails/papers/certs/csr/www.betterexaminations.ie.key; ssl_verify_depth 3; } server { listen 80; server_name betterexaminations.ie; root /var/rails/papers/public/; passenger_enabled on; } } 在Nginx日志或rails日志中我没有遇到任何有趣的错误。
有任何想法吗?
编辑:
nmap -sT -r -n -p443 betterexaminations.ie
输出:
Starting Nmap 5.21 ( http://nmap.org ) at 2012-11-29 01:01 UTC Nmap scan report for betterexaminations.ie (46.137.41.29) Host is up (0.0022s latency). PORT STATE SERVICE 443/tcp open https Nmap done: 1 IP address (1 host up) scanned in 0.05 seconds
DNSconfiguration不正确:
$ host -t A betterexaminations.ie betterexaminations.ie has address 54.247.125.236
现在看来好了:
$ host -t A betterexaminations.ie betterexaminations.ie has address 46.137.41.29
证书似乎没问题:
$ echo ""|openssl s_client -connect 46.137.41.29:443|openssl x509 -subject -issuer -dates -noout depth=2 C = US, O = "thawte, Inc.", OU = Certification Services Division, OU = "(c) 2006 thawte, Inc. - For authorized use only", CN = thawte Primary Root CA verify error:num=20:unable to get local issuer certificate verify return:0 DONE subject= /OU=Go to https://www.thawte.com/repository/index.html/OU=Thawte SSL123 certificate/OU=Domain Validated/CN=betterexaminations.ie issuer= /C=US/O=Thawte, Inc./OU=Domain Validated SSL/CN=Thawte DV SSL CA notBefore=Nov 17 00:00:00 2012 GMT notAfter=Nov 17 23:59:59 2013 GMT