I have rebuilt nginx with pagespeed running on ubuntu. Here's my config file.
When accessing the website via port 443 or ssl it gives me the following error
`NET::ERR_CERT_AUTHORITY_INVALID`.
When I tried toggling pagespeed UseNativeFetcher off; I get the following error
`nginx: [emerg] "pagespeed" directive "UseNativeFetcher" cannot be set at this
scope. in /etc/nginx/sites-enabled/live:70`
I'm not able to figure out where actually I'm doing wrong or what I'm missing
out.
```
server {
listen 80;
listen [::]:80;
server_name domain.com www.domain.com;
# Redirect all traffic to SSL
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
# enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be
used.
ssl_protocols SSLv3 TLSv1;
# disables all weak ciphers
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
root /var/www/live/website/public;
index index.php index.html index.htm;
server_name domain.com www.domain.com;
## Access and error logs.
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log info;
## Keep alive timeout set to a greater value for SSL/TLS.
keepalive_timeout 75 75;
## See the keepalive_timeout directive in nginx.conf.
## Server certificate and key.
ssl on;
ssl_certificate /etc/ssl/site_ssl/public.pem;
ssl_certificate_key /etc/ssl/site_ssl/private.key;
ssl_session_timeout 5m;
## Strict Transport Security header for enhanced security. See
## http://www.chromium.org/sts. I've set it to 2 hours; set it to
## whichever age you want.
add_header Strict-Transport-Security "max-age=7200";
pagespeed on;
pagespeed FileCachePath "/var/cache/ngx_pagespeed/";
pagespeed RewriteLevel OptimizeForBandwidth;
pagespeed EnableFilters trim_urls;
pagespeed RewriteLevel OptimizeForBandwidth;
pagespeed EnableFilters lazyload_images;
pagespeed EnableFilters collapse_whitespace;
#pagespeed UseNativeFetcher off;
#pagespeed RespectXForwardedProto on;
pagespeed FetchHttps
enable,allow_self_signed,allow_unknown_certificate_authority;
location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
add_header "" "";
}
location ~ "^/pagespeed_static/" { }
location ~ "^/ngx_pagespeed_beacon$" { }
pagespeed SslCertDirectory /etc/ssl/site_ssl;
pagespeed SslCertFile /etc/ssl/site_ssl/public.pem;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~*
\.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|svg|woff|woff2|ttf)$
{
expires 1M;
access_log off;
add_header Cache-Control "public";
}
location ~* \.(?:css|js)$ {
expires 7d;
access_log off;
add_header Cache-Control "public";
}
location ~ /\.ht {
deny all;
}
}
TIA
[ Full content available at:
https://github.com/apache/incubator-pagespeed-ngx/issues/1597 ]
This message was relayed via gitbox.apache.org for [email protected]
