3. redirection problem with ssl

redirection problem with ssl


  • hello,

    my site redirect ;
    http://mydomain.com to https://mydomain.com GOOD
    http://www.mydomain.com to https://mydomain.com GOOD

    but DO NOT redirect
    https://www.mydomain.com to https://mydomain.com NOT GOOD

    it stays as https://www.mydomain.com

    my default /etc/nginx/sites-enabled/default is ;

    listen 80;
 server_name mydomain.com www.mydomain.com;
 return 301 https://$host$request_uri;
}
server {
 listen 443 ssl;
 server_name mydomain.com www.mydomain.com;
 ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
 location / {
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Host $http_host;
 proxy_set_header X-NginX-Proxy true;
 proxy_pass http://1.1.1.1.1.1.1.3:4567/;
 proxy_redirect off;
 #Socket.IO Support
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 }
 location ~ /.well-known {
 allow all;
 }
}

any idea pleaase.

thank you in advance.
    0 1 Reply

  • @atozsoft said in redirection problem with ssl:

    hello,

    my site redirect ;
    http://mydomain.com to https://mydomain.com GOOD
    http://www.mydomain.com to https://mydomain.com GOOD

    but DO NOT redirect
    https://www.mydomain.com to https://mydomain.com NOT GOOD

    it stays as https://www.mydomain.com

    my default /etc/nginx/sites-enabled/default is ;

    listen 80;
 server_name mydomain.com www.mydomain.com;
 return 301 https://$host$request_uri;
}
server {
 listen 443 ssl;
 server_name mydomain.com www.mydomain.com;
 ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
 location / {
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Host $http_host;
 proxy_set_header X-NginX-Proxy true;
 proxy_pass http://1.1.1.1.1.1.1.3:4567/;
 proxy_redirect off;
 #Socket.IO Support
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 }
 location ~ /.well-known {
 allow all;
 }
}

any idea pleaase.

thank you in advance.

    Make a second Block for 443 that does a redirect like port 80 except specifically redirect it to https://domain.com$request_uri Instead of https://$host$request_uri

    Only put in the www.domain.com server.

    Take the www.domain.com out of the existing 443 block.

    I assume (never tested this) that the new 443 block will need the SSL settings.

    0

  • thank you @JaredBusch

    i tried but got error. site did not load.

    0

  • Fixed by adding

    if ($host = www.$server_name) {
    rewrite ^(.*) https://$server_name$request_uri? permanent;
    }

    after

    proxy_set_header Connection "upgrade";
    }

    line.

    0
Log in to reply
 

Copyright © 2017 NodeBB | Contributors

Looks like your connection to NodeBB was lost, please wait while we try to reconnect.