Nginx after adding ssl, one location "driving around", where to look?

K

klim8882018-12-14 14:18:05

Nginx

klim888, 2018-12-14 14:18:05

My nginx successfully threw http on local servers.
Working config:

spoiler

server {
listen 80;
server_name mydom.ru;
location / {
proxy_pass http://192.168.0.96;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location /webmail {
proxy_pass http://192.168.0.97;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location /zabbix {
proxy_pass http://192.168.0.81;
===cut===
}

The backend is Apache/2.4.6 everywhere, default settings, different root directors.
If you add ssl to the config, then everything works as it should, except for one "location /" server.
This is the company's website. The browser says that the certificate is left, and if you accept it, the page looks like after an explosion.
Differences between a crooked config and a working one:

spoiler

server {
listen 80;
server_name mydom.ru;
return 301 https://mydom.ru$request_uri;
}
server {
listen 443 ssl http2;
server_name mydom.ru;
ssl on;
ssl_certificate /etc/letsencrypt/live/mydom.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/mydom.ru/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
location /.well-known/acme-challenge/ {
root /web/sites/mydom.ru/www/;
}
location / {
===cut===
}

Tell me where to look.

Reply

Answer the question

In order to leave comments, you need to log in

0 answer(s)