logo标签列表

在同一nginx服务器上使用SSL的两个node.js域 - 443端口重复监听选项

node.jsubuntusslnginxdigital-ocean
28

我在我的DigitalOcean droplet上设置了两个Web应用程序,现在我想在不同的域名下运行这两个应用程序,并且使用SSL加密。

如果我只使用其中一个域名,我可以确认一切正常,但当我尝试同时运行两个应用程序时,就会出现错误。

nginx -t
duplicate listen options for [::]:443 in /etc/nginx/sites-enabled/hello.com:26

/etc/nginx/sites-avilable/hello.com

server {
    server_name hello.com www.hello.com;

    location / {
            proxy_pass http://localhost:4000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
    }

    listen [::]:443 ssl ipv6only=on default_server; # managed by Certbot
    listen 443 ssl default_server; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/hello.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/hello.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

server {
        if ($host = www.hello.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot


    if ($host = hello.com) {
            return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80 default_server;
    listen [::]:80 default_server;

    server_name hello.com www.hello.com;
    return 404; # managed by Certbot
}

/etc/nginx/sites-available/example.com

server {
    server_name example.com www.example.com;

    location / {
            proxy_pass http://localhost:3000;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
    }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}

server {
        if ($host = www.example.com) {
                return 301 https://$host$request_uri;
        } # managed by Certbot


    if ($host = example.com) {
            return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;

    server_name example.com www.example.com;
    return 404; # managed by Certbot
}

我该怎么避免这个错误?非常感谢您进一步完善nginx文件。
我使用了以下指南:
如何设置Nginx服务器块:https://www.digitalocean.com/community/tutorials/how-to-set-up-nginx-server-blocks-virtual-hosts-on-ubuntu-14-04-lts 如何在Ubuntu 16.04上为生产设置Node.js应用程序:https://www.digitalocean.com/community/tutorials/how-to-set-up-a-node-js-application-for-production-on-ubuntu-16-04 如何使用Let's Encrypt保护Ubuntu 16.04上的Nginx:https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
1个回答
69
问题在于 ipv6only=on,根据文档只能指定一次
默认值已经是on,因此可以安全地删除该选项。
你真棒,Richard。这起作用了。 - Hemant Nagpal
网页内容由stack overflow 提供, 点击上面的
可以查看英文原文,
原文链接