解决开启了https后访问ssl证书错乱问题

来自:互联网
时间:2019-10-10
阅读:
免费资源网 - https://freexyz.cn/

有个问题困扰着站长,关于宝塔面板开启SSL以后出现的问题。我的服务器里有2个网站,其中网站1开启了SSL登陆,网站2没有开启。如果在网站2的域名前填写https,网站2会默认访问网站1的ssl证书 

<a href=https://www.freexyz.cn/tag/QQ.html target=_blank class=infotextkey>QQ</a>图片20180202201130.png

解决方案如下配置网站2也去申请一个ssl对应证书然后配置中写法变更如下

#HTTP_TO_HTTPS_START
    if ($server_port !~ 80){
        rewrite ^(/.*)$ http://$host$1 permanent;
    }
    #HTTP_TO_HTTPS_END
    ssl_certificate    /etc/letsencrypt/live你的域名/fullchAIn.pem;
    ssl_certificate_key    /etc/letsencrypt/live/你的域名/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_stapling on;
    resolver 8.8.8.8 114.114.114.114 valid=3600s;
    ssl_prefer_server_ciphers on;
    ssl_stapling_verify on;
    ssl_dhparam dh2048.pem;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;
    ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
免费资源网 - https://freexyz.cn/
返回顶部
顶部