I was trying to Secure Nginx with Let's Encrypt on Ubuntu 16.04.
example.conf file before obtaining an SSL Certificate
server {
server_name example.com www.example.com ;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/backup/mycode/public;
# Turn on Passenger
passenger_enabled on;
rails_env development;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;
}
http://example.com/ is working fine.
I try to Obtain an SSL Certificate by
sudo certbot --nginx -d example.com -d www.example.com
the result was
Your existing certificate has been successfully renewed, and the new certificate
has been installed.
The new certificate covers the following domains: https://example.com and
https://www.example.com
example.conf file after obtaining an SSL Certificate
server {
server_name example.com www.example.com ;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/backup/example.com/public;
# Turn on Passenger
passenger_enabled on;
rails_env development;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com ;
listen 80;
return 404; # managed by Certbot
}
http://example.com/ is redirecting to https://example.com/ too many times
example.com redirected you too many times. ERR_TOO_MANY_REDIRECTS
Why is it redirecting too many times?
what is the purpose of the second server block?
server { if ($host = www.example.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = example.com) { return 301 https://$host$request_uri; } # managed by Certbot server_name example.com www.example.com; listen 80; return 404; # managed by Certbot }
How to make all redirects to https://www.example.com/ ?
EDIT1
Moving the certibot managed code to second server block has stopped the too many redirects problem. But my website is back again directing to HTTP instead of https.
server {
server_name example.com www.example.com ;
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/backup/example.com/public;
# Turn on Passenger
passenger_enabled on;
rails_env development;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;
}
server {
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
if ($host = www.example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = example.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name example.com www.example.com ;
listen 80;
return 404; # managed by Certbot
}
Try this:
server {
server_name example.com www.example.com ;
listen 80;
listen 443 ssl;
if ($scheme != "https") {
return 301 https://www.example.com$request_uri;
}
if ($host = example.com) {
return 301 https://www.example.com$request_uri;
}
# Tell Nginx and Passenger where your app's 'public' directory is
root /var/www/backup/example.com/public;
# Turn on Passenger
passenger_enabled on;
rails_env development;
passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
This should redirect to www.example.com
if used HTTP instead of HTTPS or host is example.com
regarding your questions:
I am not sure, maybe you also redirect in your ruby code. Your EDIT1 code example will redirect forever, since it redirects using the $host
weird way to redirect traffic on port 80 (used for HTTP)
In my example I fixed the redirect to www.example.com
instead of $host
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.