redirection problem with ssl

fstdesk

hello,

my site redirect ;
http://mydomain.com to https://mydomain.com GOOD
http://www.mydomain.com to https://mydomain.com GOOD

but DO NOT redirect
https://www.mydomain.com to https://mydomain.com NOT GOOD

it stays as https://www.mydomain.com

my default /etc/nginx/sites-enabled/default is ;

listen 80;
 server_name mydomain.com www.mydomain.com;
 return 301 https://$host$request_uri;
}
server {
 listen 443 ssl;
 server_name mydomain.com www.mydomain.com;
 ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
 location / {
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Host $http_host;
 proxy_set_header X-NginX-Proxy true;
 proxy_pass http://1.1.1.1.1.1.1.3:4567/;
 proxy_redirect off;
 #Socket.IO Support
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 }
 location ~ /.well-known {
 allow all;
 }
}

any idea pleaase.

thank you in advance.

JaredBusch

@atozsoft said in redirection problem with ssl:

hello,

my site redirect ;
http://mydomain.com to https://mydomain.com GOOD
http://www.mydomain.com to https://mydomain.com GOOD

but DO NOT redirect
https://www.mydomain.com to https://mydomain.com NOT GOOD

it stays as https://www.mydomain.com

my default /etc/nginx/sites-enabled/default is ;

listen 80;
 server_name mydomain.com www.mydomain.com;
 return 301 https://$host$request_uri;
}
server {
 listen 443 ssl;
 server_name mydomain.com www.mydomain.com;
 ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;
 location / {
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_set_header Host $http_host;
 proxy_set_header X-NginX-Proxy true;
 proxy_pass http://1.1.1.1.1.1.1.3:4567/;
 proxy_redirect off;
 #Socket.IO Support
 proxy_http_version 1.1;
 proxy_set_header Upgrade $http_upgrade;
 proxy_set_header Connection "upgrade";
 }
 location ~ /.well-known {
 allow all;
 }
}

any idea pleaase.

thank you in advance.

Make a second Block for 443 that does a redirect like port 80 except specifically redirect it to https://domain.com$request_uri Instead of https://$host$request_uri

Only put in the www.domain.com server.

Take the www.domain.com out of the existing 443 block.

I assume (never tested this) that the new 443 block will need the SSL settings.

fstdesk

thank you @JaredBusch

i tried but got error. site did not load.

fstdesk

Fixed by adding

if ($host = www.$server_name) {
rewrite ^(.*) https://$server_name$request_uri? permanent;
}

after

proxy_set_header Connection "upgrade";
}

line.