Power up with new SaaS Add-Ons from the DigitalOcean Marketplace

Question

nginx SSL site not resolving

  • Posted July 30, 2014

I’m trying to set up SSL on nginx to no avail.

sites-available config:

# Redirect ALL non-https traffic to https 
server { 
server_name eruditify.com *.eruditify.com; 
return 301 https://$server_name$request_uri; 
}

# Redirect www to non-www 
server { 
listen 443 ssl; 
server_name www.eruditify.com; 
return 301 $scheme://eruditify.com$request_uri; 
}

server { 
listen 443 ssl; 
listen [::]:443 ssl;

listen 443 ssl;

server_name eruditify.com;

ssl_certificate /etc/nginx/ssl/eruditify.com.crt; 
ssl_certificate_key /etc/nginx/ssl/eruditify.com.key; 
ssl_session_timeout 5m; 
ssl_protocols SSLv3 TLSv1; 
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; 
ssl_prefer_server_ciphers on;

root /usr/share/nginx/html; 
index index.php index.html index.htm;

location / { 
# First attempt to serve request as file, then 
# as directory, then fall back to displaying a 404. 
#try_files $uri $uri/ =404; 
# Uncomment to enable naxsi on this location 
# include /etc/nginx/naxsi.rules 
#WordPress 
try_files $uri $uri/ /index.php?q=$uri&$args; 
}

error_page 404 /404.html; 
error_page 500 502 503 504 /50x.html; 
location = /50x.html { 
root /usr/share/nginx/html; 
}

location ~ \.php$ { 
try_files $uri =404; 
fastcgi_split_path_info ^(.+\.php)(/.+)$; 
fastcgi_pass unix:/var/run/php5-fpm.sock; 
fastcgi_index index.php; 
include fastcgi_params; 
}

# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests 
#location /RequestDenied { 
#	proxy_pass http://127.0.0.1:8080; 
#}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html 
# 
#error_page 500 502 503 504 /50x.html; 
#location = /50x.html { 
#	root /usr/share/nginx/html; 
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 
# 
location ~ \.php$ { 
fastcgi_split_path_info ^(.+\.php)(/.+)$; 
#	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini 
# 
#	# With php5-cgi alone: 
#	fastcgi_pass 127.0.0.1:9000; 
#	# With php5-fpm: 
fastcgi_pass unix:/var/run/php5-fpm.sock; 
fastcgi_index index.php; 
include fastcgi_params; 
}

# deny access to .htaccess files, if Apache's document root 
# concurs with nginx's one 
# 
#location ~ /\.ht { 
#	deny all; 
#} 
}

ufw status:

Status: active

To Action From 
-- ------ ---- 
22 ALLOW Anywhere 
80/tcp ALLOW Anywhere 
21/tcp ALLOW Anywhere 
443/tcp ALLOW Anywhere 
22 (v6) ALLOW Anywhere (v6) 
80/tcp (v6) ALLOW Anywhere (v6) 
21/tcp (v6) ALLOW Anywhere (v6) 
443/tcp (v6) ALLOW Anywhere (v6)

sudo netstat -plutn | grep :443:

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3612/nginx
tcp6       0      0 :::443                  :::*                    LISTEN      3612/nginx

When I try to access https://eruditify.com - the connection times out. If I change the config to listen on 80 instead, everything works fine.

Any ideas what might be the problem?

Thanks

Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

seifipJuly 30, 2014

That was the problem! Thanks a lot :)

Tony TsangJuly 30, 2014

You are most probably falling into a redirect loop. Remove this block.

# Redirect www to non-www 
server { 
listen 443 ssl; 
server_name www.eruditify.com; 
return 301 $scheme://eruditify.com$request_uri; 
}

Since you are using 301 for redirect You may need to clear the 301 cache of your browser.