我跟蹤了幾個Django + nginx + wsgi + ssl的示例,但是我無法讓它們工作。我只是在瀏覽器中發現錯誤,而無法連接。無法使用SSL與django + nginx + wsgi一起工作
我在主機上運行兩個網站。除IP地址,服務器名稱和目錄外,配置文件是相同的。
當兩個都不使用SSL時,它們工作正常。當我嘗試用其中一個443聽時,我無法連接到任何一個。
我的配置文件如下,任何建議,將不勝感激。
server{
listen xxx.xxx.xxx.xxx:80;
server_name sub.domain.com;
access_log /home/django/logs/nginx_customerdb_http_access.log;
error_log /home/django/logs/nginx_customerdb_http_error.log;
location/{
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
}
location /site_media/ {
alias /home/django/customerdb_site_media/;
}
location /admin-media/ {
alias /home/django/django_admin_media/;
}
}
server{
listen xxx.xxx.xxx.xxx:443;
server_name sub.domain.com;
access_log /home/django/logs/nginx_customerdb_http_access.log;
error_log /home/django/logs/nginx_customerdb_http_error.log;
ssl on;
ssl_certificate sub.domain.com.crt;
ssl_certificate_key sub.domain.com.key;
ssl_prefer_server_ciphers on;
location/{
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol https;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffers 32 4k;
}
location /site_media/ {
alias /home/django/customerdb_site_media/;
}
location /admin-media/ {
alias /home/django/django_admin_media/;
}
}
<VirtualHost *:8080>
ServerName xxx.xxx.xxx.xxx
ServerAlias xxx.xxx.xxx.xxx
LogLevel warn
ErrorLog /home/django/logs/apache_customerdb_error.log
CustomLog /home/django/logs/apache_customerdb_access.log combined
WSGIScriptAlias//home/django/customerdb/apache/django.wsgi
WSGIDaemonProcess customerdb_wsgi processes=4 threads=5
WSGIProcessGroup customerdb_wsgi
SetEnvIf X-Forwarded-Protocol "^https$" HTTPS=on
</VirtualHost>
UDPATE:主機上存在兩個站點(在不同的IP上)是問題。如果我刪除其他網站,上面的設置大多工作。這樣做也帶來了另一個問題:鉻不接受該網站作爲安全的說有些內容未加密。
有關Django 1.4+上的匹配設置,請參閱https://docs.djangoproject.com/en/dev/ref/settings/#secure-proxy-ssl-header。 – 2013-03-27 21:55:58