Nginx

配置 SSL 後無法訪問 Nginx 網路伺服器(Certbot、LetsEncrypt)

  • June 30, 2020

我是 AWS 和 Web 伺服器的新手,在這個項目中使用 nginx,在程式碼中使用 MERN 堆棧。無論如何,我使用本教程啟動並執行了我的網站,並使用教程(使用letsencrypt和certbot)嘗試將SSL添加到我的網站,這在標準http中執行良好。現在,當我嘗試訪問該站點時,它會超時並顯示 chromeThis site can’t be reached www.instaspots.net took too long to respond.

我的 nginx 配置文件看起來像

 server_name instaspots.net;
add_header Content-Security-Policy upgrade-insecure-requests;

 # react app & front-end files
 location / {
   root /opt/frontend/build;
   try_files $uri /index.html;
 }

 # node api reverse proxy
 location /items/ {
   proxy_pass http://localhost:4000/;
 }

   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/live/instaspots.net/fullchain.pem; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/live/instaspots.net/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
   server_name www.instaspots.net; # managed by Certbot
add_header Content-Security-Policy upgrade-insecure-requests;

 # react app & front-end files
 location / {
   root /opt/frontend/build;
   try_files $uri /index.html;
 }

 # node api reverse proxy
 location /items/ {
   proxy_pass http://localhost:4000/;
 }

   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/live/instaspots.net/fullchain.pem; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/live/instaspots.net/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



}server {
   if ($host = instaspots.net) {
       return 301 https://$host$request_uri;
   } # managed by Certbot


 listen 80 default_server;
 server_name instaspots.net;
   return 404; # managed by Certbot


}server {
   if ($host = www.instaspots.net) {
       return 301 https://$host$request_uri;
   } # managed by Certbot


 listen 80 ;
   server_name www.instaspots.net;
   return 404; # managed by Certbot


}

sudo netstat -plnt | grep nginx 返回

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      62312/nginx: master 
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      62312/nginx: master 

這一切看起來都很好,但是其他人調試這個使用nc -zv instaspots.net 443但是當我嘗試它返回時 connectx to instaspots.net port 443 (tcp) failed: Operation timed out讓我相信這可能有助於指出問題。不幸的是,我在系統管理員方面缺乏調試技能,所以如果有人能指導我進行調試,我將非常感激。

您必須在 AWS 安全組中打開埠 443。

引用自:https://serverfault.com/questions/1023538