以下将用www.text.cn域名代替我实际使用的域名,有且仅有一个证书,目前面板和chat-next-web应用都是使用的这个证书,且正常能通过https访问到。
从应用商店中下载的chat-next-web应用(假设端口是8120),配置nginx反向代理到127.0.0.1:8120,配置好https证书后成功能使用https://www.text.cn:8211正常访问,今天我又安装了一个在线vscode的web应用(假设端口8122),同样的配置反向代理和https,但是我并不能通过https://www.text.cn:8212访问,只能通过http://www.text.cn:8211,我以为是nginx配置文件的问题,于是我把chatgpt的配置文件复制了一份,修改了项目名称,端口,其他几乎一模一样,但是仍然不能正常访问,对于这类知识掌握很浅,找不到原因,只能来问问了。在线vscode应用的配置文件如下。
server {
listen 40032 ssl http2 ;
server_name http://www.text.cn;
index index.php index.html index.htm default.php default.htm default.html;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Real-IP $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
access_log /www/sites/vscode-online/log/access.log main;
error_log /www/sites/vscode-online/log/error.log;
location ^~ /.well-known/acme-challenge {
allow all;
root /usr/share/nginx/html;
}
include /www/sites/vscode-online/proxy/*.conf;
ssl_certificate /www/sites/vscode-online/ssl/fullchain.pem;
ssl_certificate_key /www/sites/vscode-online/ssl/privkey.pem;
ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
add_header Strict-Transport-Security "max-age=31536000";
error_page 497 https://$host$request_uri;
proxy_set_header X-Forwarded-Proto https;
ssl_stapling on;
ssl_stapling_verify on;
if ($scheme = http) {
return 301 https://$host$request_uri;
}
}