Ghost droplet: unable to redirect https://ip to my main domain

September 15, 2018 753 views
Ghost Ubuntu 18.04

I have added multiple redirects to my ghost droplet, to make sure that

The only thing that I am unable to figure out to make httpS://ip go to domain.com

I followed the instructions in this topic (link) to make an extra SSL certificate for the www.domain.com portion. I reused it for my ip adress and that works fine for the http portion which now redirect to domain.com. Given Let’s encrypt does not give certificates for ip adresses it did not auto create a config for https://ip on port 443

I tried the following:

  • Add the listen 443 to my ip.conf file (which does port 80; this causes nothing to work
  • some variation of the below files, some with SSL certs, some with pointing to default_server etc. But nothing seems to be picked up.
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name 123.123.123.123.443;
    root /var/www/ghost/system/nginx-root;

    return 301 https://domain.com$request_uri;


    }

    location ~ /.well-known {
        allow all;
}

    client_max_body_size 50m;
}
3 Answers
jarland MOD September 17, 2018
Accepted Answer

Hey friend!

I don’t think you’re going to be able to do it without a certificate error, so you may as well go ahead and just not use a virtual host for the IP at all. It will direct to the first available virtual host which would be your domain, and give an SSL error. SSL certificates are only signed for hostnames and not IP addresses. Ideally, no one should be visiting your site this way.

Jarland

Thanks for the answer. Guess I’m out of luck. Just wanted to tie everything nicely together. But guess you can’t always have everything perfect. Was hoping for a little trick to do a transparent redirect. But alas.

Have another answer? Share your knowledge.