Nginx HTTPS 连接被拒绝
Nginx HTTPS Connection refused
我无法让 SSL 与我的 Nginx 安装一起工作。我发现了其他几个与此相关的问题,但它们没有解决我的问题。
我做过的检查:
nginx -t returns 没有错误ufw disable 让所有流量通过netstat -nltp 告诉我 tcp:0.0.0.0:80 和 tcp:0.0.0.0:433 去 nginx: mastercurl -v https://mywebsite.nl returns Failed to connect to mywebsite.nl port 443: Connection refusedcurl -v http://mywebsite.nl returns 好的
奇怪的事情:
netstat -peanut | grep ":80 " returns tcp:0.0.0.0:80 绑定到 nginx: master 但是当我尝试 netstat -peanut | grep ":443 " 时 returns 什么都没有?- 如果我尝试
nmap -p 433 mywebsite.nl 它 returns 433/tcp filtered nnsp 而我希望端口像端口 80 一样打开
我将我的 CA 证书与我自己的证书捆绑在一起(按照 Nginx 文档中提到的正确顺序)。
我的 Nginx-conf 看起来像这样:
server {
listen 80;
listen 433 ssl http2;
ssl_certificate /etc/ssl/certs/mywebsite.nl-bundle.crt;
ssl_certificate_key /etc/ssl/certs/mywebsite.nl.key;
server_name *.mywebsite.nl;
root /var/www/mywebsite-app/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
listen 433 ssl http2;
它应该是 443,而不是 433。另请参阅错误消息,其中还说它尝试连接到端口 443:
Failed to connect to covidtesta4.nl port 443: Connection refused
我无法让 SSL 与我的 Nginx 安装一起工作。我发现了其他几个与此相关的问题,但它们没有解决我的问题。
我做过的检查:
nginx -treturns 没有错误ufw disable让所有流量通过netstat -nltp告诉我tcp:0.0.0.0:80和tcp:0.0.0.0:433去nginx: mastercurl -v https://mywebsite.nlreturnsFailed to connect to mywebsite.nl port 443: Connection refusedcurl -v http://mywebsite.nlreturns 好的
奇怪的事情:
netstat -peanut | grep ":80 "returnstcp:0.0.0.0:80绑定到nginx: master但是当我尝试netstat -peanut | grep ":443 "时 returns 什么都没有?- 如果我尝试
nmap -p 433 mywebsite.nl它 returns433/tcp filtered nnsp而我希望端口像端口 80 一样打开
我将我的 CA 证书与我自己的证书捆绑在一起(按照 Nginx 文档中提到的正确顺序)。
我的 Nginx-conf 看起来像这样:
server {
listen 80;
listen 433 ssl http2;
ssl_certificate /etc/ssl/certs/mywebsite.nl-bundle.crt;
ssl_certificate_key /etc/ssl/certs/mywebsite.nl.key;
server_name *.mywebsite.nl;
root /var/www/mywebsite-app/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
listen 433 ssl http2;
它应该是 443,而不是 433。另请参阅错误消息,其中还说它尝试连接到端口 443:
Failed to connect to covidtesta4.nl port 443: Connection refused