问个 nginx http / https 的问题

类似第一个块 再写一个～

再写个 443 的 example.com 不就行了?
server {
listen 443 ssl http2;
ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name example.com ;
return 301 https://example.com$request_uri;
}

server {
listen 443;
server_name www.example.com ;
return 301 https://example.com$request_uri;
}

@shierji
@walkingway
不行的

最近迷上 caddy 了，配置文件都不用指定就跳转

@HLT 没问题的 肯定可以的

这里有个方案，顺着配置很清晰的：

https://bashy.im/blog/nginx-redirect-to-https-with-without-www-subdomain

我前几天刚好解决了这个问题，写一个带 www 的 https 配置

server
{
listen 443;
#listen [::]:80;
ssl on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /usr/local/nginx/ssl/fullchain.cer;
ssl_certificate_key /usr/local/nginx/ssl/domain.me.key;
server_name www.domain.com;
return 301 https://domain.com$request_uri;

}

这有多麻烦。。
# HTTPS Config Start #
#server {
#listen 80;
#server_name osu.pink www.osu.pink;
#return 301 https://www.osu.pink$request_uri;
#}
#
#server {
#listen 443 ssl http2;
#server_name osu.pink;
#
#ssl_prefer_server_ciphers on;
#ssl_session_cache shared:SSL:10m;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
#ssl_certificate /usr/local/nginx/conf/1.crt;
#ssl_certificate_key /usr/local/nginx/conf/1.key;
#
#return 301 https://www.osu.pink$request_uri;
#}
#
#server {
#listen 443 ssl http2;
#server_name www.osu.pink;
#index index.php index.htm index.html;
#root /var/www/html/osu;
#
#ssl_prefer_server_ciphers on;
#ssl_session_cache shared:SSL:10m;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
#ssl_certificate /usr/local/nginx/conf/1.crt;
#ssl_certificate_key /usr/local/nginx/conf/1.key;
#
#location ~ .*\.(php|php5)?$ {
#fastcgi_pass unix:/var/run/phpfpm.sock;
#fastcgi_index index.php;
#include fastcgi.conf;
#}
#}

@lslqtz
@Patrick95
@yytsjq
@Showfom

已经搞定了，谢谢大家

@haocity
@walkingway
@shierji

谢谢大家

只需要像 walkingway 那样就行了 其他不用配置

@HLT 咋解决的，说下答案啊

@jackroyal 还是要单独填一个 443 的块，然后 server_name 是 www 的，指定 301 跳 https 的 @

我之前也是按朋友告诉那么做的，只是单独填的那个 443 忘记加证书路径了。。。

@shierji 嗯，我提问题之前也是那么做的，只是忘记加证书路径了 所以不好使

@HLT

完整配置






server {
listen 80;
server_name example.com www.example.com;
return 301 https://example.com$request_uri;
}


server {
listen 443 ssl http2;
ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;
server_name www.example.com;
return 301 https://example.com$request_uri;
}



server
{
#listen 80;
listen 443 ssl http2;
#listen [::]:80;

ssl on;
ssl_certificate /usr/local/nginx/conf/example.crt;
ssl_certificate_key /usr/local/nginx/conf/example.key;

server_name example.com;
index index.html index.htm index.php default.html default.htm default.php;
root /home/wwwroot/example.com;
include example.conf;
#error_page 404 /404.html;
include enable-php.conf;

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 30d;
}

location ~ .*\.(js|css)?$
{
expires 12h;
}

location ~ /\.
{
deny all;
}

access_log off;
}

写两个 server

一个把 www 和 @的 80 端口 301 到 https

再写一个 https 的 server