我为VHOST启用了自动SSL,但是我需要为仅需要接受非SSL请求的特定URL禁用自动SSL。
,如果特定的旧URL是HTTPS,但它是HTTP,则放入虚拟主机,可以正常工作。我无法使用HTTPS_METHOD = noredirect为整个VHOST禁用自动SSL。是否可以仅针对此自定义nginx位置的上下文禁用它?我可以在nginx-proxy日志中看到它在达到此nginx定制之前就得到了301。因此,不幸的是,我只能使此proxy_pass配置与HTTPS URL(而非HTTP)一起使用。
感谢您的帮助。
location /specific/old/http/URL {
proxy_pass http://service.new.tld/new;
proxy_set_header host http://service.new.tld;
proxy_ssl_certificate /etc/nginx/certs/new.tld/fullchain.pem;
proxy_ssl_certificate_key /etc/nginx/certs/new.tld/key.pem;
}
location /upstream {
proxy_pass http://service.new.tld;
proxy_ssl_certificate
/etc/nginx/certs/service.new.tld/fullchain.pem;
proxy_ssl_certificate_key
/etc/nginx/certs/service.new.tld/key.pem;
}
您需要同时为http和https使用一个服务器指令(将侦听80和443),并且仅需要在所需位置添加重定向脚本。参见示例:
server {
listen 80;
listen 443 ssl;
server_name example.com www.example.com;
ssl on;
ssl_certificate example.crt;
ssl_certificate_key example.key;
location /specific/old/http/URL {
proxy_pass http://service.new.tld/new;
proxy_set_header host http://service.new.tld;
proxy_ssl_certificate /etc/nginx/certs/new.tld/fullchain.pem;
proxy_ssl_certificate_key /etc/nginx/certs/new.tld/key.pem;
}
location /upstream {
# add this condition only on the locations you want to redirect to https
if ($scheme = http) {
return 301 https://$server_name$request_uri;
}
proxy_pass http://service.new.tld;
proxy_ssl_certificate /etc/nginx/certs/service.new.tld/fullchain.pem;
proxy_ssl_certificate_key /etc/nginx/certs/service.new.tld/key.pem;
}