配置好的HTTPS服务,无法访问

浏览器访问报如下错误:
ERR_TOO_MANY_REDIRECTS

SSH curl 链接报错:
curl: (60) server certificate verification failed. CAfile: /etc/ssl/certs/ca-certificates.crt CRLfile: none More details here: curl.haxx.se/docs/sslcer…

curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

最后原因:
cloudflare-->mytest.com # SSL/TLS 没有选择严格
Full (strict)

Encrypts end-to-end, but requires a trusted CA or Cloudflare Origin CA certificate on the server

另外:
developers.cloudflare.com/ssl/origin-…

页面中(下方)第二步可能是多余的,不清楚作用是什么。

总之##  Nginx: Creating Your CSR with OpenSSL 这个生成里,我填的都是test,除了二级域名之外。然后去服务器站点目录下创建了一个tmp目录,再执行的ssl命令。应该是没有用上。

​​2. Install Origin CA certificate on origin server

================
其实对于cloudflare,只需要在mytest.com下设置即可。

SSL/TLS

Edge Certificates

将Always Use HTTPS 以及 Automatic HTTPS Rewrites 勾选上即可。

笔记:经过实测,开启Automatic HTTPS Rewrites后,会影响查英方文献。

  • 0
    点赞
  • 0
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值