Setting up SSL - https works, http not working
Solution 1
You need to use:
listen 80;
listen 443 ssl;
in those virtualhosts where you want to use both https and http.
I would prefer redirect from http to https. The you need to make a separate virtual host for http, that redirects all requests to https version.
Solution 2
To qoute your question:
I replaced listen 80 default; to listen 443;
Do not replace listen 80
.
Instead add listen 443
.
to be more specific:
Qouting Alexander Azarov from stackexchange
The error says it all actually. Your configuration tells Nginx to listen on port 80
(HTTP) and use SSL. When you point your browser to `http://localhost`, it tries to
connect via HTTP. Since Nginx expects SSL, it complains with the error.
The workaround is very simple. You need two server sections:
server {
listen 80;
// other directives...
}
server {
listen 443;
ssl on;
// SSL directives...
// other directives...
}
Related videos on Youtube
Stefanos.Ioannou
Hi, I’m Stefanos! Since I was a teen I was drawn into computing. At the age of 12, I created my first html site and at the age of 14 I created my first desktop application using Visual Basic. I am now passionate with Rails as it promotes creativity through its simplicity. Feel free to checkout my blog! I am available; searching for an awesome team for a full-time role.
Updated on September 18, 2022Comments
-
Stefanos.Ioannou over 1 year
Update: A temp solution I found was to just redirect all http requests to https.
I have been working on setting up SSL on my website. It is like on a Rails.
I use nginx with unicorn. I bought the certificate from GoDaddy. Then I set it up and generated the CSR at
/etc/nginx/ssl
by following the instructions of this document.Then I copied the text of the generated .csr file and used it to issue the certificate from GoDaddy. After the certificate was issued I downloaded the key bundle generated on GoDaddy and followed the instruction found on this document.
Then configured my /etc/nginx/sites-enabled/mysite.conf file:
(I added the following lines under the server { ... }
listen 443; ssl on; ssl_certificate /etc/nginx/ssl/mysite.crt; ssl_certificate_key /etc/nginx/ssl/mysite.key;
(I replaced
listen 80 default;
tolisten 443;
)Then, I restarted the server and got the
HTTPS://www.example.com
working. The https was with green color and was showing that the certificate is fine.However when I browse to
HTTP://www.example.com
I get an error: 502 Bad Gateway - nginx.I am not sure what is causing this. Any clue?
If you need any other information let me know and I will post them.
My sites config:
/etc/nginx/sites-enabled/example.conf upstream example { server unix:/u/app/example/shared/.sock fail_timeout=0; } server { listen 80; server_name www.example.com; root /u/app/example/current/public/; access_log /u/app/example/shared/log/nginx.access.log; error_log /u/app/example/shared/log/nginx.error.log; client_max_body_size 20M; try_files $uri/index.html $uri.html $uri @app; location @app { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://example; } }
my
/etc/nginx/nginx.conf
user www-data; worker_processes 4; pid /var/run/nginx.pid; events { worker_connections 1024; } http { sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; server_tokens off; server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; upstream app_server { server 127.0.0.1:8080 fail_timeout=0; } access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; gzip on; gzip_disable "msie6"; gzip_types text/plain text/xml text/css text/comma-separated-values; include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; }
and the /etc/nginx/sites-available/default file is:
server { root /u/app/example/current/public; server_name _; index index.htm index.html; location / { try_files $uri/index.html $uri.html $uri @app; } # location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mp3|flv|mpeg|$ location ~* ^.+\.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|flv|mpeg|avi)$ { try_files $uri @app; } location @app { proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_redirect off; proxy_pass http://app_server; } }
The log file when I had both:
listen 80; listen 443;
was outputing
212.50.121.69 - - [28/Jul/2014:15:35:53 +0000] "-" 400 0 "-" "-"
-
Michael Hampton almost 10 yearsPost the complete
server
blocks for your HTTP and HTTPS sites. -
Stefanos.Ioannou almost 10 years@MichaelHampton i included the config files
-
Stefanos.Ioannou almost 10 years@VaibhavPanmand added the one log entry
-
-
Stefanos.Ioannou almost 10 yearsThanks for posting. I tried that before and I was getting this error: "400 Bad Request The plain HTTP request was sent to HTTPS port"
-
Stefanos.Ioannou almost 10 yearsthanks for posting. Getting the same error as per Dennis' Nolte answer.
-
Tero Kilkanen almost 10 yearsCan you post the complete configuration that caused this error?
-
Stefanos.Ioannou almost 10 yearsI have included my config in the question
-
Tero Kilkanen almost 10 yearsYour question includes only the configuration with
listen 80;
directive. What is the complete configuration when you get the400 Bad Request
error?