如何全站启用 https 访问,按照网上教程来写配置的话网站会无限重定向。
P013onEr · P013onEr · 2014-10-19 15:55:07 +08:00 · 9078 次点击这是一个创建于 3667 天前的主题,其中的信息可能已经有所发展或是发生改变。
 |
1
bitwing 2014-10-19 16:20:36 +08:00  1
server {
listen 80; server_name www.xxx.com xxx.com; return 301 https://www.xxx.com$request_uri; } server { listen 443; server_name xxx.com; return 301 https://www.xxx.com$request_uri; } ssl_session_cache shared:SSL:10m; ssl_session_timeout 10m; server { listen 443 default_server ssl; server_name www.xxx.com; keepalive_timeout 70; ssl_certificate /etc/nginx/ssl/ssl-unified.crt; ssl_certificate_key /etc/nginx/ssl/ssl2.key; ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!aNULL:!MD5; 這個配置都會重定向到 https://www.xxx.com |
|
2
bitwing 2014-10-19 16:33:22 +08:00 1
額,發錯了,不是全站的,題主無視吧
|
 |
3
ytf4425 2014-10-19 16:40:52 +08:00 1
把你的配置发来看看,我给你改
|
|
4
ytf4425 2014-10-19 17:09:29 +08:00 1
nginx的配置
你参考一下,改成自己的目录和域名 server { listen 80; #listen [::]:80; server_name www.gfw.im gfw.im; rewrite ^/(.*) https://www.gfw.im/$1 permanent; index index.html index.htm index.php default.html default.htm default.php; root /home/wwwroot/www.gfw.im; include wordpress.conf; #error_page 404 /404.html; location ~ [^/]\.php(/|$) { # comment try_files $uri =404; to enable pathinfo try_files $uri =404; fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; #include pathinfo.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } access_log /home/wwwlogs/www.gfw.im.log access; } server { listen 443 ssl spdy; ssl on; ssl_certificate /home/wwwroot/ssl/ssl.crt; ssl_certificate_key /home/wwwroot/ssl/ssl.key.out; ssl_session_timeout 5m; #listen [::]:80; server_name www.gfw.im gfw.im; index index.html index.htm index.php default.html default.htm default.php; root /home/wwwroot/www.gfw.im; include wordpress.conf; #error_page 404 /404.html; location ~ [^/]\.php(/|$) { # comment try_files $uri =404; to enable pathinfo try_files $uri =404; fastcgi_pass unix:/tmp/php-cgi.sock; fastcgi_index index.php; include fastcgi.conf; #include pathinfo.conf; } location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ { expires 30d; } location ~ .*\.(js|css)?$ { expires 12h; } access_log /home/wwwlogs/www.gfw.im.log access; } |
 |
5
YonionY 2014-10-19 18:02:36 +08:00 2
建议检查下程序有没有启用SSL的选项,有可能是你的程序设定了强制使用协议http,Nginx跳到https后程序只认http又跳转回http,nginx识别到http后又跳回https上,然后就死循环了,一些程序没有给出SSL选项就只能在源码中找到写死http的部分改成https来解决。
|
 |
6
ghy459 2014-10-19 19:20:22 +08:00 1
我的配置,给你参考一下
server { listen 80; server_name hack0nair.me; location / { rewrite ^(.*)$ https://hack0nair.me$1 permanent; } } # HTTPS server server { listen 443 ssl; server_name hack0nair.me; ssl_certificate /root/ssl/hack0nair.me.crt; ssl_certificate_key /root/ssl/hack0nair.me.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!DSS:!PKS; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; # ssl_stapling on; # ssl_stapling_verify on; location / { root /var/www/hack0nair.me; index index.html; } } |
 |
9
typcn 2014-10-20 00:11:08 +08:00 1
find /path/to/hexo | grep "http:"
全改成 https |
 |
10
ProfFan 2014-10-20 01:03:27 +08:00 1
曾经遇到过,如果是多站点SSL跳的话记得要proxy_set_header Host $host; 否则有可能会因为后端应用的问题无限跳转。
|
 |
11
P013onEr OP 搞定了。重新完整的弄了一下。
|
Select Language