Hello!
I’ve installed SSL to my one click install Ghost droplet but I have one problem with Ghost. Whenever I try to write url: https:// to production nginx gives 502 error code. But if i write http:// everything works almost perfectly. Nginx redirect http url to https url.
How can i fix this?
Here is my config.js file:
// # Ghost Configuration
// Setup your Ghost install for various [environments](http://support.ghost.org/config/#about-environments).
// Ghost runs in `development` mode by default. Full documentation can be found at http://support.ghost.org/config/
var path = require('path'),
config;
config = {
// ### Production
// When running Ghost in the wild, use the production environment.
// Configure your URL and mail settings here
production: {
url: 'http://talhaokur.net',
mail: {
from: 'no-reply@talhaokur.net',
},
database: {
client: 'mysql',
connection: {
host: 'localhost',
user: 'user',
password: 'password',
database: 'database',
charset: 'utf8'
},
debug: false
},
server: {
host: '127.0.0.1',
port: '2368'
},
},
// ### Development **(default)**
development: {
// The url to use when providing links to the site, E.g. in RSS and email.
// Change this to your Ghost blog's published URL.
url: '',
// Example mail config
// Visit http://support.ghost.org/mail for instructions
// ```
mail: {
from: 'no-reply@talhaokur.net',
},
// ```
// #### Database
// Ghost supports sqlite3 (default), MySQL & PostgreSQL
database: {
client: 'mysql',
connection: {
host: 'localhost',
user: 'user',
password: 'password',
database: 'database',
charset: 'utf8'
},
debug: false
},
// #### Server
// Can be host & port (default), or socket
server: {
// Host to be passed to node's `net.Server#listen()`
host: '127.0.0.1',
// Port to be passed to node's `net.Server#listen()`, for iisnode set this to `process.env.PORT`
port: '2368'
},
// #### Paths
// Specify where your content directory lives
paths: {
contentPath: path.join(__dirname, '/content/')
}
},
// **Developers only need to edit below here**
// ### Testing
// Used when developing Ghost to run tests and check the health of Ghost
// Uses a different port number
testing: {
url: 'http://127.0.0.1:2369',
database: {
client: 'mysql',
connection: {
host: 'localhost',
user: 'user',
password: 'password',
database: 'database',
charset: 'utf8'
}
},
server: {
host: '127.0.0.1',
port: '2369'
},
logging: false
},
// ### Testing MySQL
// Used by Travis - Automated testing run through GitHub
'testing-mysql': {
url: 'http://127.0.0.1:2369',
database: {
client: 'mysql',
connection: {
host : '127.0.0.1',
user : 'root',
password : '',
database : 'ghost_testing',
charset : 'utf8'
}
},
server: {
host: '127.0.0.1',
port: '2369'
},
logging: false
},
// ### Testing pg
// Used by Travis - Automated testing run through GitHub
'testing-pg': {
url: 'http://127.0.0.1:2369',
database: {
client: 'pg',
connection: {
host : '127.0.0.1',
user : 'postgres',
password : '',
database : 'ghost_testing',
charset : 'utf8'
}
},
server: {
host: '127.0.0.1',
port: '2369'
},
logging: false
}
};
module.exports = config;
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Looking at your Nginx configuration, there are some improvements that you can make. I’d remove the proxy pass in the HTTP block as it should be never be executed. You can also just return 301 rather than do a rewrite, as they can be taxing. You’re also missing some headers. Here’s an example that works for me:
#HTTP Server
server {
listen 80;
server_name example.com;
return 301 https://$host$request_uri;
}
# HTTPS Server
server {
listen 443 ssl default_server;
server_name example.com;
client_max_body_size 10M;
location / {
proxy_pass http://localhost:2368;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_buffering off;
}
ssl on;
ssl_certificate /etc/ssl/ghost/ssl-bundle.crt;
ssl_certificate_key /etc/ssl/ghost/ghost.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
ssl_session_timeout 5m;
}
Also remember to restart Nginx after making changes to it’s configuration. This goes for Ghost as well if you edit config.js
For more info, see Ghost’s SSL docs .
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.