By seifip
I’m trying to set up SSL on nginx to no avail.
sites-available config:
# Redirect ALL non-https traffic to https
server {
server_name eruditify.com *.eruditify.com;
return 301 https://$server_name$request_uri;
}
# Redirect www to non-www
server {
listen 443 ssl;
server_name www.eruditify.com;
return 301 $scheme://eruditify.com$request_uri;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
listen 443 ssl;
server_name eruditify.com;
ssl_certificate /etc/nginx/ssl/eruditify.com.crt;
ssl_certificate_key /etc/nginx/ssl/eruditify.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
ssl_prefer_server_ciphers on;
root /usr/share/nginx/html;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
#try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
#WordPress
try_files $uri $uri/ /index.php?q=$uri&$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
ufw status:
Status: active
To Action From
-- ------ ----
22 ALLOW Anywhere
80/tcp ALLOW Anywhere
21/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
22 (v6) ALLOW Anywhere (v6)
80/tcp (v6) ALLOW Anywhere (v6)
21/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
sudo netstat -plutn | grep :443:
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 3612/nginx
tcp6 0 0 :::443 :::* LISTEN 3612/nginx
When I try to access https://eruditify.com - the connection times out. If I change the config to listen on 80 instead, everything works fine.
Any ideas what might be the problem?
Thanks
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
You are most probably falling into a redirect loop. Remove this block.
# Redirect www to non-www
server {
listen 443 ssl;
server_name www.eruditify.com;
return 301 $scheme://eruditify.com$request_uri;
}
Since you are using 301 for redirect You may need to clear the 301 cache of your browser.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.