• Hi,

    I'm using nginx and I set up an SSL certificate from StartSSL. I changed my etc/nginx/sites-available/nodejsworld.com to :

    server {
    listen 433 ssl spdy;
    server_name nodejsworld.com;
    ssl on;
    ssl_certificate /etc/nginx/ssl2/nodejsworld.com.unified.crt;
    ssl_certificate_key /etc/nginx/ssl2/nodejsworld.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://127.0.0.1:4567/;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    }
    }

    But when I restart nginx and test my website, I'm find that's it always on http and not https.

    Can someone tell me why and what should I do ?

    Thanks


  • I cannot see any support here ????


  • You have no redirect for 80, @kacemlight
    Please see the documentation


  • I have always the same problem.

    that what I did:

    sudo nano /etc/nginx/sites-available/nodejsworld.com

    After:
    This is my conf:

    server {
    listen 80;
    server_name nodejsworld.com;
    return 301 https://nodejsworld.com$request_uri;
    }

    server {
    listen 433 ssl spdy;
    server_name nodejsworld.com;
    ssl on;
    ssl_certificate /etc/nginx/ssl2/nodejsworld.com.unified.crt;
    ssl_certificate_key /etc/nginx/ssl2/nodejsworld.com.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    # disables all weak ciphers
    ssl_ciphers 'AES128+EECDH:AES128+EDH';
    ssl_prefer_server_ciphers on;
    location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://127.0.0.1:4567/;
    proxy_redirect off;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    }
    }

    I restart my nginx:
    root@nodebb:~# sudo service nginx restart
    stop: Unknown instance:
    nginx stop/pre-start, process 13399

    When I try to test my web site: it's always on http and not https. So weiird, can someone help me pleaaase !!

    Thanks

  • GNU/Linux Admin

    Is the config file symlinked to the sites-enabled/ folder?


  • Yes I think so, because all modification that I did on sites-available are systematically done on sites-enabled.
    Is there an other way to test my conf or nginx ? because I think my modifications are not taken into account.

  • GNU/Linux Admin

    @kacemlight sudo nginx -t should test your config file.


  • @julian said:

    sudo nginx -t

    I got this :

    root@nodebb:~# sudo nginx -t
    nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/nginx/ssl2/nodejsworld.com.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)
    nginx: configuration file /etc/nginx/nginx.conf test failed

    I don't know why at all 😞


  • I just make a modification in my conf and now i get this :

    root@nodebb:~# sudo nginx -t
    nginx: [warn] conflicting server name "nodejsworld.com" on 0.0.0.0:80, ignored
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    root@nodebb:~#

    But my hhtps don't work at all. my website is always on http 😮

  • GNU/Linux Admin

    The warning is still related, there should be no warnings at all... paste nginx config again, and please surround it with backticks (```) so it is formatted properly.


  • Ok thaaaanks 🙂

    This is my RP conf:

    server {
        listen 80;
        server_name nodejsworld.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
            listen 433 ssl spdy;
    
            server_name nodejsworld.com;
            ssl on;
            ssl_certificate /etc/nginx/ssl2/nodejsworld.com.crt;
            ssl_certificate_key /etc/nginx/ssl/nodejsworld.com.key;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            # disables all weak ciphers
             ssl_ciphers 'AES128+EECDH:AES128+EDH';
             ssl_prefer_server_ciphers on;
    
            location / {
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-NginX-Proxy true;
                    proxy_pass http://127.0.0.1:4567/;
                    proxy_redirect off;
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
                    }
    }
    server {
        listen   80;
        listen   [::]:80;
        server_name www.nodejsworld.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
        listen   80;
        listen   [::]:80;
        server_name www.nodecommunity.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
       listen   80;
        listen   [::]:80;
        server_name nodecommunity.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
        listen   80;
        listen   [::]:80;
        server_name www.nodejslearning.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
        listen   80;
        listen   [::]:80;
        server_name nodejslearning.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {
        listen   80;
        listen   [::]:80;
        server_name www.nodejsword.com;
        return 301 https://nodejsworld.com$request_uri;
    }
    server {   
        listen   80;
        listen   [::]:80;
        server_name nodejsworld.com;
        return 301 https://nodejsworld.com$request_uri;
    }

  • @kacemlight slightly related, your website is incredibly annoying, asking to allow notifications over and over.


  • @Fastidious What are you talking about ? my website ?? asking to allow notifications ?


  • @kacemlight Yes, nodejsworld.com, isn't it yours?

    On OS X, Safari, it kept constantly asking to "The website “nodejsworld.com” would like to show alerts in Notification Center," for more than six times.


  • @Fastidious Oh yes I just disable the notification plugin. I didn't know it makes this annoying alert on safari. Thanks !

Suggested Topics

| |