My site have just install SSL but SSL not work. If I type latena.vn, the site accessible normally but I type https://latena.vn my site unaccessible and receive a error too many redirect
I run command nginx -t and receive a warning
nginx: [warn] conflicting server name “latena.vn” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “latena.vn” on 0.0.0.0:443, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
I checked dns server and don’t have any redirect
This is my domain configuration:
server {
listen 80;
server_name latena.vn;
root /var/www/latena.vn/htdocs;
index index.php index.html index.htm;
include common/php-hhvm.conf;

include common/locations.conf;
include /var/www/latena.vn/conf/nginx/*.conf;
}

server {
listen 443 ssl spdy;
servername latena.vn;
ssl
certificate /etc/nginx/ssl/latenavnchain.crt;
ssl
certificatekey /etc/nginx/ssl/latenavn.key;
sslsessioncache shared:SSL:20m;
sslsessiontimeout 10m;
sslprotocols TLSv1 TLSv1.1 TLSv1.2;
ssl
preferserverciphers on;
sslciphers “EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS”;
ssl
buffersize 8k;
ssl
stapling on;
sslstaplingverify on;
ssltrustedcertificate /etc/nginx/ssl/latenavnchain.crt;
resolver 208.67.222.222 208.67.220.220 8.8.8.8 8.8.4.4;
ssl
dhparam /etc/nginx/ssl/dhparam.pem;
root /var/www/latena.vn/htdocs;
index index.php index.html index.htm;
include common/php-hhvm.conf;

include common/locations.conf;
include /var/www/latena.vn/conf/nginx/*.conf;
add_header Strict-Transport-Security “max-age=31536000”;
}
Please help me resolve this error
Thankyou

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
4 answers

I just had the exact same problem after enabling SSL. The issue for me was I have Rails set to config.force_ssl = true which relies on the proxy_set_header X-Forwarded-Proto https; header to know whether the request was over SSL or not. I didn’t have that header to Rails would receive an SSL request thinking it wasn’t with SSL which caused it to redirect to https.

Here’s my working config:

upstream puma {
  server unix:///home/deploy/apps/genus/shared/tmp/sockets/genus-puma.sock;
}

server {
  listen 80;
  listen 443 ssl;
  server_name genusapp.com;

  ssl_certificate /home/deploy/apps/genus/genusapp_com.pem;
  ssl_certificate_key /home/deploy/apps/genus/genusapp_com.key;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers AES256+EECDH:AES256+EDH:!aNULL;


  root /home/deploy/apps/genus/current/public;
  access_log /home/deploy/apps/genus/current/log/nginx.access.log;
  error_log /home/deploy/apps/genus/current/log/nginx.error.log info;

  location ^~ /assets/ {
    gzip_static on;
    expires max;
    add_header Cache-Control public;
  }

  try_files $uri/index.html $uri @puma;
  location @puma {
    proxy_set_header X-Forwarded-Proto https;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;

    proxy_pass http://puma;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 10M;
  keepalive_timeout 10;
}

Great that help me out too. Thanks!

In my case, It worked after replacing try_files $uri/index.html $uri @puma line.
Note:- replace @puma with your respective block.

Submit an Answer