Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
ukoHka2017-03-18 16:09:09
Nginx
ukoHka, 2017-03-18 16:09:09

How does nginx + apache2 + let's encrypt work?

Can't set up https when using nginx
As far as I understand, nginx listens on ports :80 and :443, while apache only listens on :8080.
When a request is made to the server, all configs from /etc/nginx/sites-enabled/ are loaded first.
If the server_name matches, then the appropriate test config is executed, if there are none, then the default config is executed, in which server_name localhost is specified.
Inside test, if port is 80, the request is redirected to the 433rd.
In 443, the /etc/letsencrypt/live/test.example.com/fullchain.pem keys are registered
From 443, if a script is requested, the request is redirected to 127.0.0.1:8080 and apache intercepts it.
there, a suitable config is loaded from ServerName test.example.com and the specified script is executed.
But in my case, an invalid certificate error occurs. The page opens correctly, so the general route is correct. What causes such problems?
Config /etc/nginx/sites/enabled/test:

server {
    listen 80;
    server_name test.example.com;
    rewrite     ^   https://$host$request_uri? permanent;
}

server {
        listen   443 ssl;

        server_name test.example.com;

    ssl_certificate /etc/letsencrypt/live/test.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/test.example.com/privkey.pem;

    # Turn on OCSP stapling as recommended at
    # https://community.letsencrypt.org/t/integration-guide/13123
    # requires nginx version >= 1.3.7
    ssl_stapling on;
    ssl_stapling_verify on;
        location /.well-known {
                alias /var/www/test/.well-known;
        }

        location / {
        try_files $uri $uri/ /index.php;
        }

        location ~ \.php$ {

        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:8080;

         }

         location ~ /\.ht {
                deny all;
        }
}

Config /etc/apache2/sites-enabled/test.conf:
<VirtualHost 127.0.0.1:8080>
        ServerName test.example.com
        ServerAdmin [email protected]
        DocumentRoot /var/www/test
        ErrorLog /var/log/apache2/test/error.log
        CustomLog /var/log/apache2/test/access.log combined
        <Directory /var/www/test>
                AllowOverride All
                Options -Indexes
        </Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =test.example.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

RewriteEngine commented out because the redirect is already in nginx.
I would think that the problem is in the certificate, but before installing nginx everything worked without problems.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrey Zyuzenkov, 2017-03-18
@devzav

What is a certificate error?

Similar questions
N
Nikita2019-12-07 16:33:20
Why does "tbody" "tfoot" stop rowspan from working? 2Reply
N
Nurik2022-03-18 12:02:04
Is it possible to parse data from POST inside nginx? 3Reply
I
Ivan2014-08-14 17:33:04
What is the best way to switch between environments in Symfony? 1Reply
I
Ivan2022-03-18 22:56:29
How to exclude words in this regular expression? 1Reply
K
kkoshakk2016-08-29 18:09:58
Is the Stub Status module needed? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question