SSL认证不一致NGINX

如何解决SSL认证不一致NGINX

我在Digital Ocean小滴上使用带有NGINX的Certbot来服务各种子域。我的本地计算机（chrome，safari和firefox）和我的朋友计算机（chrome和firefox）上的子域可以安全访问，但在我的电话或其他人的计算机（chrome，safari）上却不安全。如何使域和子域始终安全？

域如下：

• joshkaiser.dev（预期：502）
• survivops.joshkaiser.dev（预期：半成品网站）
• sortvisualizer.joshkaiser.dev（预期：条形图）

我认为我的NGINX配置有问题，但是我不知道是什么。

这是我的nginx.conf：

http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;

        server_names_hash_bucket_size 64;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3,ref: POODLE
        ssl_prefer_server_ciphers on;

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

这是我在/ etc / nginx / sites-enabled /中的johskaiser.dev.conf：

server {
    listen 80 default_server http2;
    listen [::]:80 ipv6only=on http2;   
    server_name joshkaiser.dev www.joshkaiser.dev;

    location / {
        proxy_pass http://localhost:8080;
    }
}

server {
    listen 443 ssl default_server http2;
    listen [::]:443 ipv6only=on http2;
    
    server_name joshkaiser.dev www.joshkaiser.dev;

    ssl_certificate     /etc/letsencrypt/live/joshkaiser.dev/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/joshkaiser.dev/privkey.pem;
    
    location / {
        proxy_pass http://0.0.0.0:8080;
    }
}


# Survivops

server {
        listen 80 http2;
        server_name survivops.joshkaiser.dev;

        location / {
                proxy_pass http://localhost:5000;
        }
}

server {
        listen 443 ssl http2;

        server_name survivops.joshkaiser.dev;

        ssl_certificate         /etc/letsencrypt/live/joshkaiser.dev/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/joshkaiser.dev/privkey.pem;

        location / {
                proxy_pass http://0.0.0.0:5000;
        }
}


# Sort Visualizer

server {
        listen 80 http2;
        server_name sortvisualizer.joshkaiser.dev;
    
    root /var/www/sortvisualizer.joshkaiser.dev;

    index index.html;
    
        location / {
        try_files $uri $uri/ =404;
        }
}

server {
        listen 443 ssl http2;

        server_name sortvisualizer.joshkaiser.dev;

    root /var/www/sortvisualizer.joshkaiser.dev;

    index index.html;

        ssl_certificate         /etc/letsencrypt/live/joshkaiser.dev/fullchain.pem;
        ssl_certificate_key     /etc/letsencrypt/live/joshkaiser.dev/privkey.pem;

        location / {
        try_files $uri $uri/ =404;
        }
}

这些是我的证书：

Found the following certs:
  Certificate Name: joshkaiser.dev
    Serial Number: 37d86e384e3b1ad3b0aadb29618f4411683
    Domains: joshkaiser.dev *.joshkaiser.dev
    Expiry Date: 2020-12-20 21:57:41+00:00 (VALID: 87 days)
    Certificate Path: /etc/letsencrypt/live/joshkaiser.dev/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/joshkaiser.dev/privkey.pem

解决方法

暂无找到可以解决该程序问题的有效方法，小编努力寻找整理中！

如果你已经找到好的解决方法，欢迎将解决方案带上本链接一起发送给小编。

小编邮箱:dio#foxmail.com(将#修改为@）