LetsEncrypt - VirtualMin - Nginx:更改根文件夹
Posted
技术标签:
【中文标题】LetsEncrypt - VirtualMin - Nginx:更改根文件夹【英文标题】:LetsEncrypt - VirtualMin - Nginx : Change Root Folder 【发布时间】:2018-02-07 22:34:29 【问题描述】:我第一次在 ubuntu 16.04 上使用 virtualmin。我的网站根文件夹位于:
public_html/site1
所以当我使用 let's encrypt - 它会在 public_html 中生成密钥文件
但随后无法在以下位置访问它:domain.com/.well-know/...
错误:
Parsing account key...
Parsing CSR...
Registering account...
Already registered!
Verifying example.com...
Wrote file to /home/example/public_html/.well-known/acme-challenge/uRAt9PdzbO8nyt1wClsB4KX04JG80qFluSXGs, but couldn't download http://example.com/.well-known/acme-challenge/uRAt9PdzbO8nyt1wClsB4KX04JG80qFluSXGs
Traceback (most recent call last):
File "/usr/share/webmin/webmin/acme_tiny.py", line 235, in <module>
main(sys.argv[1:])
File "/usr/share/webmin/webmin/acme_tiny.py", line 231, in main
signed_crt = get_crt(args.account_key, args.csr, args.acme_dir, args.dns_hook, args.cleanup_hook, log=LOGGER, CA=args.ca)
File "/usr/share/webmin/webmin/acme_tiny.py", line 184, in get_crt
domain, challenge_status))
ValueError: example.com challenge did not pass:
我正在使用 nginx,我在启用站点的 conf 中有这个:
server
server_name .azure.com;
return 301 http://www.example.com$request_uri;
server
server_name example.com www.example.com;
listen 10.0.1.4;
root /home/example/public_html/public;
index index.html index.php;
access_log /var/log/virtualmin/example.com_access_log;
error_log /var/log/virtualmin/example.com_error_log;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_FILENAME /home/example/public_html/public$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT /home/example/public_html/public;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param HTTPS $https;
location /
try_files $uri $uri/ /index.php?$query_string;
gzip on;
location ~* \.(?:css|js|woff|eot|svg|ttf|otf|png|gif|jpe?g)
expires max;
location ~ \.php$
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
location ~ /\.ht
deny all;
location ^~ /public/.well-known/acme-challenge/
default_type "text/plain";
root /var/www/letsencrypt;
listen 10.0.1.4:443 default_server ssl;
ssl_certificate /home/example/ssl.cert;
ssl_certificate_key /home/example/ssl.key;
任何想法如何解决它?
【问题讨论】:
php 标签是什么?
发布完整的 nginx 配置
@TarunLalwani - 更新
【参考方案1】:
我知道如何解决它。你必须在你的虚拟主机中评论一行。
#RedirectMatch /(?!.well-known)(.*)$ https://example.com/$1
Note: Remember to replace example.com with your own domain name.
然后再次请求证书并删除虚拟主机中的注释“#”,一切都很好。
我猜这是一个错误...
我希望这能解决您的问题。
【讨论】:
【参考方案2】:试试这个
location ^~ /.well-known/acme-challenge/
alias /home/example/public_html/;
try_files $uri $uri/ =404;
【讨论】:
添加nginx错误日志和访问日志查看请求【参考方案3】:解决方案在 linux 上很简单,只需从 public_html/public/.well-known 创建一个指向 public_html/.well-known 的符号链接
cd /home/user/public_html
# Skip this step if the directory already exists
mkdir -p .well-known/acme-challenge
# the user and group are the same in case of virtualmin
chown user:group .well-known
cd public
ln -s ../.well-known .well-known
# To verify
ls -la
输出应该如下所示
Source
【讨论】:
以上是关于LetsEncrypt - VirtualMin - Nginx:更改根文件夹的主要内容,如果未能解决你的问题,请参考以下文章
Virtualmin 服务器通过另一个 Virtualmin 服务器发送/接收邮件?