Question

Ghost droplet: unable to redirect https://ip to my main domain

I have added multiple redirects to my ghost droplet, to make sure that

The only thing that I am unable to figure out to make httpS://ip go to domain.com

I followed the instructions in this topic (link) to make an extra SSL certificate for the www.domain.com portion. I reused it for my ip adress and that works fine for the http portion which now redirect to domain.com. Given Let’s encrypt does not give certificates for ip adresses it did not auto create a config for https://ip on port 443

I tried the following:

  • Add the listen 443 to my ip.conf file (which does port 80; this causes nothing to work
  • some variation of the below files, some with SSL certs, some with pointing to default_server etc. But nothing seems to be picked up.
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    server_name 123.123.123.123.443;
    root /var/www/ghost/system/nginx-root;

    return 301 https://domain.com$request_uri;


    }

    location ~ /.well-known {
        allow all;
}

    client_max_body_size 50m;
}

Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

jarland
DigitalOcean Employee
DigitalOcean Employee badge
September 17, 2018
Accepted Answer

Hey friend!

I don’t think you’re going to be able to do it without a certificate error, so you may as well go ahead and just not use a virtual host for the IP at all. It will direct to the first available virtual host which would be your domain, and give an SSL error. SSL certificates are only signed for hostnames and not IP addresses. Ideally, no one should be visiting your site this way.

Jarland

Thanks for the answer. Guess I’m out of luck. Just wanted to tie everything nicely together. But guess you can’t always have everything perfect. Was hoping for a little trick to do a transparent redirect. But alas.

This comment has been deleted