server {
listen 80;
listen 443 ssl;
server_name xxxx.com;
return 301 https://www.xxx.com$request_uri;
}
server {
listen 80;
server_name www.xxx.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl default_server; #注意default_server须加
server_name www.xxxx.com;
#其他配置
}
需要注意的是 非www主域名必须要有证书支持,如果上面不行,使用下面的:
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/xxxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
server_name xxx.com;
return 301 https://www.xxx.com$request_uri;
}
server {
listen 80;
server_name xxx.com www.xxx.com;
return 301 https://https://www.xxx.com$request_uri;
}
server {
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
server_name www.xxx.com;
.............. #正常使用的server段
}
如果有移动端或其他二级域名则如下:
server {
listen 80;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/xxxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
server_name xxx.com;
return 301 https://www.xxx.com$request_uri;
}
server {
listen 80;
server_name *.xxx.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem;
server_name www.xxx.com m.xxx.com;
.............. #正常使用的server段
}