当我在 Nginx vhost 中设置 301 重定向时,LetsEncrypt Renewal 身份验证失败 (已解决)

LetsEncrypt Renewal failed authentification procedure when I set 301 Redirect in Nginx vhost (SOLVED)

提问人:Sparadrus Ier 提问时间:8/23/2023 最后编辑:Sparadrus Ier 更新时间:8/23/2023 访问量:32

问:

在 Ubuntu Server 18.04.04、Nginx 1.14.0 上,使用 LetsEncrypt certbot 通过 apt(非快照)安装

当我将 301 重定向到另一个域时,我收到以下消息:

Attempting to renew cert (domain1.fr) from /etc/letsencrypt/renewal/domain1.fr.conf produced an unexpected error: Failed authorization procedure. domain1.fr (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: (MY IP): Invalid response from https://www.domaine2.fr/targetpage: "<!DOCTYPE html>\n    <!--[if lt IE 7]><html class=\"no-js lt-ie9 lt-ie8 lt-ie7\"> <![endif]-->\n    <!--[if IE 7]><html class=\"no-js". Skipping.

当我尝试使用以下方法进行续订模拟时:

sudo certbot renew --dry-run

然而,我对 LetsEncrypt 的声明放在重定向指令之前。

下面,这是我 domain1.fr 的虚拟主机配置:

server {
    server_name domain1.fr;
    listen 80;

    # Path for first deliverance of LE certificate, and renewal
        location /.well-known {
        alias /var/www/html/certbot/.well-known;
    }
    # Proxy params
        include /etc/nginx/conf.d/proxy_general_test;
        include /etc/nginx/conf.d/proxy_compression;
        include /etc/nginx/conf.d/errors_pages_new;

    # Redirect to HTTPS
    return 301 https://$server_name$request_uri;
}
server {
    server_name domain1.fr;
    listen 443 ssl;

    # Path for first deliverance of LE certificate, and renewal
        location /.well-known {
        alias /var/www/html/certbot/.well-known;
    }

    # Proxy params
    include /etc/nginx/conf.d/proxy_general_test;
    include /etc/nginx/conf.d/proxy_compression;
    include /etc/nginx/conf.d/errors_pages_new;

    # SSL LE
    ssl_certificate /etc/letsencrypt/live/domain1.fr/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain1.fr/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    # Redirect to another website
    return 301 https://www.domaine2.fr/targetpage;

    # ModSecurity
    modsecurity on;
    modsecurity_rules_file /etc/nginx/modsec/main.conf;

    # Logs

如何在保留重定向的同时管理 certbot-auto? 当我在网上搜索时,我没有找到解决方案......

谢谢 此致敬意

nginx 重定向 lets-encrypt http-status-code-301 certbot

评论

0赞 Richard Smith 8/23/2023
将块内包裹起来,否则您的块将不起作用。return 301 ...location / { ... }location /.well-known
0赞 Sparadrus Ier 8/23/2023
谢谢理查德!您的答案已解决的问题 ;)有好的一天

答: 暂无答案

上一个:URL 末尾的奇怪字符和 301 不会将它们重定向到正确的 URL

下一个:301 重定向自主页 - 在 google search console 中更新域