原服务器http改为https自签发证书后文件夹不能同步

服务器问题
1

问题如题,环境:linux版seafile,内网访问,已按官方手册设置nginx80强制转443访问,PC端显示等待同步,安卓端显示Moved Permanently,是不是nginx跳转的问题呢?我是可是抄的官方的样例啊。
server {

listen       80;

server_name  "";

rewrite ^ https://$http_host$request_uri? permanent;

server_tokens off;

}

server {

listen 443;

ssl on;

ssl_certificate /etc/nginx/conf.d/cacert.pem;

ssl_certificate_key /etc/nginx/conf.d/privkey.pem;

server_name "";

ssl_session_timeout 5m;

ssl_session_cache shared:SSL:5m;

# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits

# ssl_dhparam /etc/nginx/dhparam.pem;

# secure settings (A+ at SSL Labs ssltest at time of writing)

# see https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256  -SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS';

ssl_prefer_server_ciphers on;

proxy_set_header X-Forwarded-For $remote_addr;

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

server_tokens off;

location / {

    proxy_pass         http://127.0.0.1:8000;

    proxy_set_header   Host $host;

    proxy_set_header   X-Real-IP $remote_addr;

    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_set_header   X-Forwarded-Host $server_name;

    proxy_set_header   X-Forwarded-Proto https;

    access_log      /var/log/nginx/seahub.access.log;

    error_log       /var/log/nginx/seahub.error.log;

    proxy_read_timeout  1200s;

    client_max_body_size 0;

}


location /seafhttp {

    rewrite ^/seafhttp(.*)$ $1 break;

    proxy_pass http://127.0.0.1:8082;

    client_max_body_size 0;

    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

    proxy_connect_timeout  36000s;

    proxy_read_timeout  36000s;

    proxy_send_timeout  36000s;

    send_timeout  36000s;

}

location /media {

   #root /home/user/haiwen/seafile-server-latest/seahub;
    root /opt/seafile/seafile-server-latest/seahub;
}

}

2

看看这里

TIM%E6%88%AA%E5%9B%BE20190825114824
TIM%E6%88%AA%E5%9B%BE201908251148241556×430 39.9 KB

3

和这没有什么关系吧,我虽然这里设置的是https,但是我是内网IP形式进行访问,只是不能同步。

4

既然用了https,就需要ssl证书。
除非你用的证书可选名称里有这个ip地址,能提供https连接,不然通过用https://(ip)的形式访问都会被浏览器拦截,根本不过服务器的……

5

好的,我研究一下证书

6

谢谢,解决了。
1、自签发证书里面,设置信息最重要一条:Common Name (e.g. server FQDN or YOUR name) []:192.168.1.2,
IP或域名一定要设置正确。
2、客户端地址里也要设置成https。