После обновления SSL-сертификатов letsencrypt сервер возвращает только код ответа 400 - PullRequest
Новая
       24

После обновления SSL-сертификатов letsencrypt сервер возвращает только код ответа 400

0 голосов
/ 06 апреля 2019

Я недавно пытался обновить свой SSL-сертификат letsencrypt, но как только я это сделал, я получал 400 ответов от сервера, когда пытался подключиться к своему веб-сайту. Я перепробовал абсолютно все, что мог придумать. Я приложил копию моего файла журнала ошибок Nginx с установленным уровнем отладки и мой файл конфигурации сервера. Любая помощь очень ценится.

Я использую Django, Nginx и Gunicorn на моем сервере.

Я выполнил команду certbot renew обновить сертификат.

Как только это было сделано, я получил только 400 ответов.

Кроме того, когда я пытаюсь подключиться к сайту, я получаю сообщение об ошибке Django: 


Report at /
Invalid HTTP_HOST header: 'testing.com,testing.com'. The domain name provided is not valid according to RFC 1034/1035.

Возможно, это как-то связано с повторяющимся URL, но я тоже не уверен, что это так.

Ниже доступен мой конфигурационный файл nginx для сайтов. 



server { # redirection logic
        listen 80; # port to listen on
        return 301 https://$host$request_uri*;
}

server {
    listen 443 ssl; # listen for HTTPS
    server_name testing.com www.testing.com; # server name to use
    ssl_certificate /etc/letsencrypt/live/testing.com/fullchain.pem; # ssl certs
    ssl_certificate_key /etc/letsencrypt/live/dt-testing.com/privkey.pem;   
    location = /favicon.ico { access_log off; log_not_found off; } # site icon to use
    location /static/ { # location of static files
        root /websites/DT/path/;
    }

    location / {
        proxy_set_header Host $host;
        include proxy_params;
        proxy_pass http://unix:/websites/DT/run/gunicorn.sock; # connector to gunicorn
    #error_page 405 =200 $uri;
    }

    rewrite_log on;
    error_log /var/log/nginx/error_log debug;
}

Вот мой вывод журнала отладки nginx. 


"GET / HTTP/1.0
Host: testing.com
Host: testing.com
X-Real-IP: 185.252.151.5
X-Forwarded-For: 185.252.151.5
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; Nexus 6P Build/NOF27C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.81 Mobile Safari/537.36
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,ISO-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate

"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http cleanup add: 000055DF21463240
2019/04/06 00:02:56 [debug] 11579#11579: *12 get rr peer, try: 1
2019/04/06 00:02:56 [debug] 11579#11579: *12 stream socket 15
2019/04/06 00:02:56 [debug] 11579#11579: *12 epoll add connection: fd:15 ev:80002005
2019/04/06 00:02:56 [debug] 11579#11579: *12 connect to unix:/websites/DT/run/gunicorn.sock, fd:15 #13
2019/04/06 00:02:56 [debug] 11579#11579: *12 connected
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream connect: 0
2019/04/06 00:02:56 [debug] 11579#11579: *12 posix_memalign: 000055DF2142F410:128 @16
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request body
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer buf fl:1 s:524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer in: 000055DF214F97D0
2019/04/06 00:02:56 [debug] 11579#11579: *12 writev: 524 of 524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer out: 0000000000000000
2019/04/06 00:02:56 [debug] 11579#11579: *12 event timer add: 15: 60000:4664042409
2019/04/06 00:02:56 [debug] 11579#11579: *12 http finalize request: -4, "/?" a:1, c:2
2019/04/06 00:02:56 [debug] 11579#11579: *12 http request count:2 blk:0
2019/04/06 00:02:56 [debug] 11579#11579: *12 http run request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream check client, write event:1, "/"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream dummy handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream process header
2019/04/06 00:02:57 [debug] 11579#11579: *12 malloc: 000055DF21502980:4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: eof:1, avail:1
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: fd:15 160 of 4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy status 400 "400 Bad Request"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Server: gunicorn/19.9.0"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Date: Sat, 06 Apr 2019 00:02:57 GMT"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Connection: close"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Content-Type: text/html"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header done
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter header
2019/04/06 00:02:57 [debug] 11579#11579: *12 HTTP/1.1 400 Bad Request
Server: nginx/1.15.5 (Ubuntu)
Date: Sat, 06 Apr 2019 00:02:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:0 f:0 s:173
2019/04/06 00:02:57 [debug] 11579#11579: *12 http cacheable: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 posix_memalign: 000055DF21503990:4096 @16
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy filter init s:400 h:0 c:0 l:-1
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream process upstream
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe read upstream: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe preread: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 readv: eof:1, avail:0
2019/04/06 00:02:57 [debug] 11579#11579: *12 readv: 1, last:3936
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe recv chain: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe buf free s:0 t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe length: -1
2019/04/06 00:02:57 [debug] 11579#11579: *12 input buf #0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream flush in
2019/04/06 00:02:57 [debug] 11579#11579: *12 http output filter "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 image filter
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter body
2019/04/06 00:02:57 [debug] 11579#11579: *12 http postpone filter "/?" 000055DF214F9B88
2019/04/06 00:02:57 [debug] 11579#11579: *12 http chunk: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF21503B30, pos 000055DF21503B30, size: 4 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:0 f:0 0000000000000000, pos 000055DF20B058DA, size: 2 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:0 f:0 s:205
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: 0 "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream done
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer del: 15: 4664042409
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer add: 15: 60000:4664043593
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream exit: 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 finalize http upstream request: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 finalize http proxy request
2019/04/06 00:02:57 [debug] 11579#11579: *12 free rr peer 1 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 close http upstream connection: 15
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF2142F410, unused: 48
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer del: 15: 4664043593
2019/04/06 00:02:57 [debug] 11579#11579: *12 reusable connection: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream temp fd: -1
2019/04/06 00:02:57 [debug] 11579#11579: *12 http output filter "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 image filter
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter body
2019/04/06 00:02:57 [debug] 11579#11579: *12 http postpone filter "/?" 00007FFD2D728F60
2019/04/06 00:02:57 [debug] 11579#11579: *12 http chunk: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF21503B30, pos 000055DF21503B30, size: 4 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:0 f:0 0000000000000000, pos 000055DF20B058DA, size: 2 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:0 f:0 0000000000000000, pos 000055DF20B058D7, size: 5 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:1 f:0 s:210
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter limit 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 posix_memalign: 000055DF21506530:512 @16
2019/04/06 00:02:57 [debug] 11579#11579: *12 malloc: 000055DF214ED330:16384
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 173
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 4
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 2
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 5
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL to write: 210
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL_write: 210
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: 0 "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http finalize request: 0, "/?" a:1, c:1
2019/04/06 00:02:57 [debug] 11579#11579: *12 set http keepalive handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 http close request
2019/04/06 00:02:57 [debug] 11579#11579: *12 http log handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21502980
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21462260, unused: 8
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214F8C60, unused: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21503990, unused: 3070
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214181D0
2019/04/06 00:02:57 [debug] 11579#11579: *12 hc free: 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 hc busy: 0000000000000000 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214ED330
2019/04/06 00:02:57 [debug] 11579#11579: *12 reusable connection: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer add: 8: 65000:4664048593
2019/04/06 00:02:58 [debug] 11579#11579: *12 http keepalive handler
2019/04/06 00:02:58 [debug] 11579#11579: *12 malloc: 000055DF214181D0:1024
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_read: 0
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_get_error: 6
2019/04/06 00:02:58 [debug] 11579#11579: *12 peer shutdown SSL cleanly
2019/04/06 00:02:58 [info] 11579#11579: *12 client 185.252.151.5 closed keepalive connection
2019/04/06 00:02:58 [debug] 11579#11579: *12 close http connection: 8
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_shutdown: 1
2019/04/06 00:02:58 [debug] 11579#11579: *12 event timer del: 8: 4664048593
2019/04/06 00:02:58 [debug] 11579#11579: *12 reusable connection: 0
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF214181D0
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 0000000000000000
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF21431E10, unused: 16
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF21506530, unused: 400

1 Ответ

0 голосов
/ 09 апреля 2019

Я понял, в чем проблема. Я подозреваю, что Cerbot Renews каким-то образом обновил программное обеспечение nginx, что заставило его по-разному отображать файл конфигурации. Заголовок линейного прокси-сервера был тем, который удваивал входящий заголовок, но поскольку у меня была ошибка в моем коде Python на стороне Django, он не работал.

...