Drupal, nginx, ssl, and php - a nightmare
I think I'll cross post to stackoverflow as well; Here's my issue:
I have installed an ssl certificate on my server, and read a whole lot and did all the different suggested things, but I cannot seem to get the $_SERVER['HTTPS'] variable to show up. Someone please help. Here's my config:Server: Linode Ubuntu 8.02LTS nginx - latest created a vhost:
server {
listen 443;
server_name www.buzzonstage.com;
rewrite ^/(.*) https://buzzonstage.com/$1 permanent;
}
server {
listen 443;
server_name buzzonstage.com;
ssl on;
ssl_certificate /usr/local/nginx/conf/buzzonstage.com.pem;
ssl_certificate_key /usr/local/nginx/conf/buzzonstage.com.key;
access_log /home/maksimize/public_html/buzzonstage.com/log/access.log;
error_log /home/maksimize/public_html/buzzonstage.com/log/error.log;
location / {
root /home/maksimize/public_html/buzzonstage.com/public/;
index index.php index.html;
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?q=$1 last;
}
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/maksimize/public_html/buzzonstage.com/public/$fastcgi_script_name;
fastcgi_param HTTPS on;
}
}
server {
listen 80;
server_name www.buzzonstage.com;
rewrite ^/(.*) http://buzzonstage.com/$1 permanent;
}
server {
listen 80;
server_name buzzonstage.com;
access_log /home/maksimize/public_html/buzzonstage.com/log/access.log;
error_log /home/maksimize/public_html/buzzonstage.com/log/error.log;
location / {
root /home/maksimize/public_html/buzzonstage.com/public/;
index index.php index.html;
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?q=$1 last;
}
}
开发者_如何学运维 # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$
{
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/maksimize/public_html/buzzonstage.com/public/$fastcgi_script_name;
The verification from digicert comes back accurate, but I get a message saying that some info may not be secure - I understand this is the case because of the various links to non-secure pages on the site. The phpinfo shows up green https;
But in order for a certain drupal module to work - securepages - I need to be able to show a that variable in the $_SERVER array. Can someone please help?
Thanks!
That Twitter module is breaking SSL. Modify it so it will pass only through SSL (requires rewriting the widget so it loads locally, yes it's possible), and everything should work.
The phpinfo shows up green https;
This is good. Because phpinfo works with $_SERVER['HTTPS'] variable. And it's certainly defined.
but I get a message saying that some info may not be secure
But in order for a certain drupal module to work - securepages I need to be able to show a that variable in the $_SERVER array.
Hmm, may be this modules trying to work without https? For example through AJAX?
And where they getting answer, HTTPS is not defined.
Try to check this, by adding fastcgi_param HTTPS on; to NON https section of your config. I think all will start working. But obvious, it's a cheat...
加载中,请稍侯......
精彩评论