By M Yahya
Hello all,
Is there any way to load http contents over https while enabling ssl?
Many thanks
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi @myahya,
I’m not entirely sure I understand the question, you want to serve the resources of your website via http while loading https, is that correct?
Can you please provide a little bit more information, may be an example will help?
Regards, KFSys
To set up Nginx to proxy HTTPS traffic to an HTTP backend and enable SSL, you need to configure Nginx with an SSL certificate and set up a reverse proxy. Here’s a basic guide on how you can do this:
Step 1: Obtain an SSL Certificate
You can obtain a free SSL certificate from Let’s Encrypt or use a certificate from another provider. If you’re using Let’s Encrypt, Certbot is a convenient way to obtain and automatically configure SSL.
To install Certbot and get a certificate:
sudo apt update
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d yourdomain.com -d www.yourdomain.com
This will modify your Nginx configuration to include the necessary SSL settings.
Step 2: Configure Nginx for SSL and Proxying
Open your Nginx configuration file (usually located in /etc/nginx/sites-available/yourdomain.com), and you’ll see Certbot has added SSL configuration directives.
To set up a reverse proxy, modify the configuration to include a location block that proxies traffic to your HTTP backend. Here’s an example:
server {
listen 443 ssl http2;
server_name yourdomain.com www.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location / {
proxy_pass http://localhost:8080; # Replace with your HTTP backend address
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# ... Other configuration ...
}
In this configuration:
listen 443 ssl http2;: Listens on port 443 for SSL traffic.proxy_pass http://localhost:8080;: Proxies the traffic to the HTTP backend (change the port and host as necessary).- The
proxy_set_headerdirectives forward important information to the backend.
Step 3: Redirect HTTP to HTTPS (Optional)
If you want to redirect all HTTP traffic to HTTPS, add another server block:
server {
listen 80;
server_name yourdomain.com www.yourdomain.com;
return 301 https://$host$request_uri;
}
Step 4: Test and Reload Nginx
Test your configuration for syntax errors:
sudo nginx -t
If the test is successful, reload Nginx to apply the changes:
sudo systemctl reload nginx
Step 5: Verify Configuration
Visit your website at https://yourdomain.com and verify that it’s serving content from your HTTP backend over HTTPS.
Note
- Ensure your firewall (like UFW or iptables) allows traffic on ports 80 and 443.
- Regularly renew your SSL certificates. Certbot can set up auto-renewal, but it’s good to verify this is working as expected.
- Keep your server and Nginx configuration up to date for security.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and SMBs
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.