Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

发现一个问题证书无法自动更新的问题 #1785

Closed
AriaLyy opened this issue Aug 12, 2018 · 5 comments
Closed

发现一个问题证书无法自动更新的问题 #1785

AriaLyy opened this issue Aug 12, 2018 · 5 comments

Comments

@AriaLyy
Copy link

AriaLyy commented Aug 12, 2018
edited

如果我在nginx中配置了301跳转,证书将无法自动更新

server {
    listen 80;
    server_name domin.com;

    return 301 https://domin.com$request_uri;
}

作者能否提供一个参数,在更新的时候使用指定的nginx配置脚本?
@AriaLyy AriaLyy changed the title 发现一个问题 发现一个问题证书无法自动更新的问题 Aug 12, 2018
@Neilpang
Copy link
Member

301 应该不影响.

贴出来 log --debug 2

@rewqazxv
Copy link
Contributor

中断更新过程得到acme.sh给nginx的配置:

server {
    listen 80;
    server_name test.domain;
#ACME_NGINX_START
location ~ "^/\.well-known/acme-challenge/([-_a-zA-Z0-9]+)$" {
  default_type text/plain;
  return 200 "$1.8XXaeMDlCDC7zI7C5OLAEEBxqFDrP3PVZdrcacWgcxQ";
}
#NGINX_START

    return 301 https://$host$request_uri;
}

问题出在这个配置似乎不是顺序执行的??

curl test.domain/.well-known/acme-challenge/123 得到的是:

<html>
<head><title>301 Moved Permanently</title></head>
<body bgcolor="white">
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx/1.12.1</center>
</body>
</html>

return 301那行注释掉之后才能得到正确的结果

32432.8XXaeMDlCDC7zI7C5OLAEEBxqFDrP3PVZdrcacWgcxQ

@rewqazxv
Copy link
Contributor

对没错nginx的确不是执行第一个匹配到的location,参考 https://serverfault.com/questions/836504/does-order-of-lines-matter-in-nginx 猜的.
return 301也放进location块里就能解决问题,如下:

server {
    listen 80;
    server_name test1.domain;
    location / {
        return 301 https://$host$request_uri;
    }
}

@AriaLyy
Copy link
Author

AriaLyy commented Aug 23, 2018

@rewqazxv 正解,301跳转使用了

 location / {
        return 301 https://$host$request_uri;
    }

就能自动更新了

@AriaLyy AriaLyy closed this as completed Aug 23, 2018
@whyour
Copy link

whyour commented Aug 28, 2018

@AriaLyy 那现在必须去掉301,才可以更新吗

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Neilpang @AriaLyy @whyour @rewqazxv