Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
U
U
ukoHka2017-03-18 16:09:09
Nginx
ukoHka, 2017-03-18 16:09:09

How does nginx + apache2 + let's encrypt work?

Can't set up https when using nginx
As far as I understand, nginx listens on ports :80 and :443, while apache only listens on :8080.
When a request is made to the server, all configs from /etc/nginx/sites-enabled/ are loaded first.
If the server_name matches, then the appropriate test config is executed, if there are none, then the default config is executed, in which server_name localhost is specified.
Inside test, if port is 80, the request is redirected to the 433rd.
In 443, the /etc/letsencrypt/live/test.example.com/fullchain.pem keys are registered
From 443, if a script is requested, the request is redirected to 127.0.0.1:8080 and apache intercepts it.
there, a suitable config is loaded from ServerName test.example.com and the specified script is executed.
But in my case, an invalid certificate error occurs. The page opens correctly, so the general route is correct. What causes such problems?
Config /etc/nginx/sites/enabled/test:

server {
    listen 80;
    server_name test.example.com;
    rewrite     ^   https://$host$request_uri? permanent;
}

server {
        listen   443 ssl;

        server_name test.example.com;

    ssl_certificate /etc/letsencrypt/live/test.example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/test.example.com/privkey.pem;

    # Turn on OCSP stapling as recommended at
    # https://community.letsencrypt.org/t/integration-guide/13123
    # requires nginx version >= 1.3.7
    ssl_stapling on;
    ssl_stapling_verify on;
        location /.well-known {
                alias /var/www/test/.well-known;
        }

        location / {
        try_files $uri $uri/ /index.php;
        }

        location ~ \.php$ {

        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:8080;

         }

         location ~ /\.ht {
                deny all;
        }
}

Config /etc/apache2/sites-enabled/test.conf:
<VirtualHost 127.0.0.1:8080>
        ServerName test.example.com
        ServerAdmin [email protected]
        DocumentRoot /var/www/test
        ErrorLog /var/log/apache2/test/error.log
        CustomLog /var/log/apache2/test/access.log combined
        <Directory /var/www/test>
                AllowOverride All
                Options -Indexes
        </Directory>
#RewriteEngine on
#RewriteCond %{SERVER_NAME} =test.example.com
#RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

RewriteEngine commented out because the redirect is already in nginx.
I would think that the problem is in the certificate, but before installing nginx everything worked without problems.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
A
Andrey Zyuzenkov, 2017-03-18
@devzav

What is a certificate error?

Similar questions
T
TechNOIR2020-04-22 11:40:59
nginx. Is it possible to include all *.conf from a folder ignoring one or more configs? 1Reply
T
tefoxis2020-04-22 12:01:26
nginx. Why does the $server_addr directive only return the server's local ip? 1Reply
A
Alexander2020-04-22 15:25:02
How to implement a redirect from any links of a domain to the same ones of another? 1Reply
A
Alexey Reut2021-06-18 13:36:45
Laravel + Nginx, nuxt.js How to set up? 1Reply
S
Stanislav Khmelevsky2018-02-15 16:11:18
How to set up cross-domain policy? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question