我正在尝试让 Letsencrypt 在 Ubuntu 15.10 服务器上与 Phusion Passenger (Nginx) 一起使用。
我采取的步骤:
sudo git clone https://github.com/letsencrypt/letsencrypt /opt/letsencrypt
sudo service nginx stop
cd /opt/letsencrypt
./letsencrypt-auto certonly --standalone -d example.com -d www.example.com
这创建了 cert、chain、fullchain 和 privkey pem 文件。然后,我使用以下内容编辑了我的 /etc/nginx/sites-available/example.conf:
server {
listen 80;
server_name example.com www.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl;
server_name www.example.com;
return 301 $scheme://example.com$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
root /home/myuser/example/public;
passenger_enabled on;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
# File upload size:
client_max_body_size 7M;
location ~ ^/(assets)/ {
expires max;
add_header Cache-Control public;
gzip_static on;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
然后我重新启动了nginx。当我现在运行curl -iv https://example.com
时,我得到以下响应:
* Rebuilt URL to: https://example.com/
* Trying xxx.xx.xx.xx...
* Connected to example.com (xxx.xx.xx.xx) port 443 (#0)
* Server aborted the SSL handshake
* Closing connection 0
curl: (35) Server aborted the SSL handshake
端口 80 和 443 已打开:
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN`
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
我在这里做错了什么吗?我现在基本上使我的服务器无法访问。非常感谢任何帮助。如果有帮助,我正在使用乘客版本 5.0.23。
提前致谢