1
有通配符dns子域记录。使用仅域验证SSL证书。 需要以这种方式来设置Nginx的重写规则:nginx通配符子域ssl重写
http://site.com => https://site.com
http://*.site.com => http://*.site.com
我猜是这样的
server {
listen 80;
server_name site.com *.site.com;
if ($host ~* "^([^.]+(\.[^.]+)*)\.site.com$"){
set $subd $1;
rewrite ^(.*)$ http://$subd.site.com$1 permanent;
break;
}
if ($host ~* "^site.com$"){
rewrite ^(.*)$ https://site.com$1 permanent;
break;
}
#rewrite ^https://$server_name$request_uri? permanent;
charset utf-8;
}
server {
listen 443;
server_name site.com;
ssl On;
ssl_certificate /root/site.com.crt;
ssl_certificate_key /root/site.com.key;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:8888;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/site$fastcgi_script_name;
fastcgi_param QUERY_STRING $args;
include fastcgi_params;
}
location/{
root /var/www/site;
index index.php index.html;
if ($host !~ ^(site.com)$) {
return 444;
}
try_files $uri $uri/ /index.php?$args;
}
}
它无限循环。什么是正确的方式来得到这个工作?
nginx的:[提醒]冲突的服务器名称“site.com”上0.0.0.0:80忽略 – 2012-08-13 11:23:06
我想你忘记从你的第二个服务器模块的服务器名删除site.com ... – CyberDem0n 2012-08-13 11:27:00
nginx的:[提醒]冲突的服务器名称“* .site.com”在0.0.0.0:80上,因此它们在同一个端口冲突 – 2012-08-13 11:39:15