ssl - Certbot 从 Nginx 将 HTTP 重定向到 HTTPS 不起作用

Question

我在 Nginx 上使用 proxy_pass 将 ssl 服务器设置为 apache。

该代码由 certbot 重新创建，无法正常工作。我无法找出问题所在。

我也尝试用 $server_name 和论坛的其他建议替换 $host 但没有成功。

    server {
        server_name biofit.blog www.biofit.blog;
        listen [::]:443 ssl ipv6only=on; # managed by Certbot
        listen 443 ssl; # managed by Certbot
        ssl_certificate                 /etc/letsencrypt/live/gekko.winsum.ws/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/gekko.winsum.ws/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        location / {
                proxy_buffers 8 32k;
                proxy_buffer_size 64k;
                proxy_pass http://biofit.blog:81;
                proxy_set_header Host $http_host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-NginX-Proxy true;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_read_timeout 86400s;
                proxy_send_timeout 86400s;
        }
    }

    server {
       if ($host = www.biofit.blog) {
           return 301 https://$host$request_uri;
        } # managed by Certbot
      if ($host = biofit.blog) {
            return 301 https://$host$request_uri;
        } # managed by Certbot

        listen 80;
        listen [::]:80;
        server_name biofit.blog www.biofit.blog;
        return 404; # managed by Certbot
    }

ssl 的预期输出应该传递给在端口 81 上运行的 apache，但不是:ERR_TOO_MANY_REDIRECTS

Answer 1

不推荐使用if语句试试这个:

    server {

        listen 80;
        listen [::]:80;
        server_name biofit.blog www.biofit.blog;
        rewrite     ^   https://$server_name$request_uri? permanent;
        return 404; # managed by Certbot
    }