example.com redirected you too many times. ERR_TOO_MANY_REDIRECTS

Question

I was trying to Secure Nginx with Let's Encrypt on Ubuntu 16.04.

example.conf file before obtaining an SSL Certificate

server {
    server_name example.com www.example.com ;
    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/backup/mycode/public;
    # Turn on Passenger
    passenger_enabled on;
    rails_env development;
    passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;

}

http://example.com/ is working fine.

I try to Obtain an SSL Certificate by

sudo certbot --nginx -d example.com -d www.example.com

the result was

Your existing certificate has been successfully renewed, and the new certificate
has been installed.

The new certificate covers the following domains: https://example.com and
https://www.example.com

example.conf file after obtaining an SSL Certificate

server {
    server_name example.com www.example.com ;
    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/backup/example.com/public;
    # Turn on Passenger
    passenger_enabled on;
    rails_env development;
    passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;




    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name example.com www.example.com ;
    listen 80;
    return 404; # managed by Certbot

}

http://example.com/ is redirecting to https://example.com/ too many times

example.com redirected you too many times. ERR_TOO_MANY_REDIRECTS

1. Why is it redirecting too many times?

2. what is the purpose of the second server block?

    server { if ($host = www.example.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = example.com) { return 301 https://$host$request_uri; } # managed by Certbot server_name example.com www.example.com; listen 80; return 404; # managed by Certbot }

3. How to make all redirects to https://www.example.com/ ?

EDIT1

Moving the certibot managed code to second server block has stopped the too many redirects problem. But my website is back again directing to HTTP instead of https.

    server {
            server_name example.com www.example.com ;
            # Tell Nginx and Passenger where your app's 'public' directory is
            root /var/www/backup/example.com/public;
            # Turn on Passenger
            passenger_enabled on;
            rails_env development;
            passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;

        }
        server {

            listen 443 ssl; # managed by Certbot
            ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
            ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
            include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
            ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
            if ($host = www.example.com) {
                return 301 https://$host$request_uri;
            } # managed by Certbot


            if ($host = example.com) {
                return 301 https://$host$request_uri;
            } # managed by Certbot


            server_name example.com www.example.com ;
            listen 80;
            return 404; # managed by Certbot

        }

Answer 1

Try this:

server {
    server_name example.com www.example.com ;
    listen 80;
    listen 443 ssl;

    if ($scheme != "https") {
        return 301 https://www.example.com$request_uri;
    }

    if ($host = example.com) {
        return 301 https://www.example.com$request_uri;
    }

    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/backup/example.com/public;
    # Turn on Passenger
    passenger_enabled on;
    rails_env development;
    passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

This should redirect to www.example.com if used HTTP instead of HTTPS or host is example.com

regarding your questions:

1. I am not sure, maybe you also redirect in your ruby code. Your EDIT1 code example will redirect forever, since it redirects using the $host

2. weird way to redirect traffic on port 80 (used for HTTP)

3. In my example I fixed the redirect to www.example.com instead of $host