1번 사이트 : https://itreport.tistory.com/637
2번 싸이트 : https://www.wsgvet.com/bbs/board.php?bo_table=home&wr_id=639
ssl 인증을 위해 1번 싸이트를 따라 하다가 certbot-auto 방식? 이 잘 안되는 것 같아서
2번 사이트의 dns 인증 방식을 보고 키 설정 생성하고 이후에는 다시 1번 사이트를 보고
ngnix 의 default 파일을 수정 했습니다.
몇 번의 에러를 모두 수정해서 nginx -t 로 오류도 없고 리스타트도 했는데
연결이 안되네요.
다음은 디폴트 파일 내용입니다. (하도 헤집어 놔서 엉망일수 있습니다)
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
# Default server configuration
#
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name feedzone.club;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
ssl_trusted_certificate /etc/nginx/ssl/fullchain.pem;
include /etc/nginx/snippets/ssl.conf;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm index.nginx-debian.html;
client_max_body_size 7M; # 업로드 허용 용량
include snippets/rhymix.conf;
}
#location / {
# try_files $uri $uri/ =404;
# if (!-e $request_filename) {
# rewrite ^.*$ /index.php last;
# }
# pass PHP scripts to FastCGI server
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
# }
# }
# HTTPS www. server configuration
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.feedzone.club;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
ssl_trusted_certificate /etc/nginx/ssl/fullchain.pem;
include /etc/nginx/snippets/ssl.conf;
location / {
return 301 https://feedzone.club$request_uri;
}
}
# Default server configuration
server {
listen 80;
listen [::]:80 default_server;
server_name feedzone.club;
include /etc/nginx/snippets/letsencrypt.conf;
location / {
return 301 https://feedzone.club$request_uri;
}
}
# HTTP - CNAME Connect www.feedzone.club to feedzone.club
server {
listen 80;
listen [::]:80;
server_name www.feedzone.club;
include /etc/nginx/snippets/letsencrypt.conf;
location / {
return 301 https://www.feedzone.club$request_uri;
}
}
요렇게 했는데 뭐가 문제일까요..
추가로 아래 경로와 키 연결이 잘못 된 것을 발견하고 조금전에 수정했습니다. - 그래도 아직 연결은 안되네요.
ssl_certificate_key /etc/nginx/ssl/privkey.pem;
ssl_certificate /etc/nginx/ssl/fullchain.pem;
ssl_trusted_certificate /etc/nginx/ssl/chain.pem;