尝试使用 webroot 方法进行加密设置,该方法创建并需要访问 ./.well-known/acme-challenge/ 目录中的文件。那里的所有内容(包括我添加的手动测试文件)都显示为 404。
当我尝试过以下变体时,有点疯狂:
location ~ /.well-known {
allow all;
}
location /.well-known/acme-challenge {
default_type text/plain;
}
location /.well-known {
try_files $uri $uri/ =404;
}
没有运气。我还检查了文件夹的权限,甚至设置为 777。我对设置 nginx 配置还很陌生,所以我确信存在一个将其丢弃的现有条件:
server{
listen 80;
server_name domain.com www.domain.com;
location / {
rewrite ^(.*)$ https://domain.com$1 permanent;
}
location ~ /.well-known {
allow all;
}
}
server {
listen 0.0.0.0:443 ssl;
root /var/www/domain.com/public_html;
index index.php index.html index.htm;
server_name domain.com www.domain.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
client_max_body_size 32m;
}
location ~ /.well-known {
allow all;
}
}