seifip
By:
seifip

nginx SSL site not resolving

July 30, 2014 3.2k views

I'm trying to set up SSL on nginx to no avail.

sites-available config:

# Redirect ALL non-https traffic to https 
server { 
server_name eruditify.com *.eruditify.com; 
return 301 https://$server_name$request_uri; 
}

# Redirect www to non-www 
server { 
listen 443 ssl; 
server_name www.eruditify.com; 
return 301 $scheme://eruditify.com$request_uri; 
}

server { 
listen 443 ssl; 
listen [::]:443 ssl;

listen 443 ssl;

server_name eruditify.com;

ssl_certificate /etc/nginx/ssl/eruditify.com.crt; 
ssl_certificate_key /etc/nginx/ssl/eruditify.com.key; 
ssl_session_timeout 5m; 
ssl_protocols SSLv3 TLSv1; 
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP; 
ssl_prefer_server_ciphers on;

root /usr/share/nginx/html; 
index index.php index.html index.htm;

location / { 
# First attempt to serve request as file, then 
# as directory, then fall back to displaying a 404. 
#try_files $uri $uri/ =404; 
# Uncomment to enable naxsi on this location 
# include /etc/nginx/naxsi.rules 
#WordPress 
try_files $uri $uri/ /index.php?q=$uri&$args; 
}

error_page 404 /404.html; 
error_page 500 502 503 504 /50x.html; 
location = /50x.html { 
root /usr/share/nginx/html; 
}

location ~ \.php$ { 
try_files $uri =404; 
fastcgi_split_path_info ^(.+\.php)(/.+)$; 
fastcgi_pass unix:/var/run/php5-fpm.sock; 
fastcgi_index index.php; 
include fastcgi_params; 
}

# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests 
#location /RequestDenied { 
#   proxy_pass http://127.0.0.1:8080; 
#}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html 
# 
#error_page 500 502 503 504 /50x.html; 
#location = /50x.html { 
#   root /usr/share/nginx/html; 
#}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 
# 
location ~ \.php$ { 
fastcgi_split_path_info ^(.+\.php)(/.+)$; 
#   # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini 
# 
#   # With php5-cgi alone: 
#   fastcgi_pass 127.0.0.1:9000; 
#   # With php5-fpm: 
fastcgi_pass unix:/var/run/php5-fpm.sock; 
fastcgi_index index.php; 
include fastcgi_params; 
}

# deny access to .htaccess files, if Apache's document root 
# concurs with nginx's one 
# 
#location ~ /\.ht { 
#   deny all; 
#} 
} 

ufw status:

Status: active

To Action From 
-- ------ ---- 
22 ALLOW Anywhere 
80/tcp ALLOW Anywhere 
21/tcp ALLOW Anywhere 
443/tcp ALLOW Anywhere 
22 (v6) ALLOW Anywhere (v6) 
80/tcp (v6) ALLOW Anywhere (v6) 
21/tcp (v6) ALLOW Anywhere (v6) 
443/tcp (v6) ALLOW Anywhere (v6) 

sudo netstat -plutn | grep :443:

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      3612/nginx
tcp6       0      0 :::443                  :::*                    LISTEN      3612/nginx

When I try to access https://eruditify.com - the connection times out. If I change the config to listen on 80 instead, everything works fine.

Any ideas what might be the problem?

Thanks

2 Answers

You are most probably falling into a redirect loop.
Remove this block.

# Redirect www to non-www 
server { 
listen 443 ssl; 
server_name www.eruditify.com; 
return 301 $scheme://eruditify.com$request_uri; 
}

Since you are using 301 for redirect
You may need to clear the 301 cache of your browser.

That was the problem! Thanks a lot :)

Have another answer? Share your knowledge.