ERR_TOO_MANY_REDIRECTS afer setting up certbot

Help
1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: www.asteroidminingindustries.xyz

I ran this command:sudo certbot --nginx

It produced this output: ERR_TOO_MANY_REDIRECTS (on webpage no error in console)

My web server is (include version): certbot 2.6.0

The operating system my web server runs on is (include version): Ubuntu 22.04.3 LTS

My hosting provider, if applicable, is: hetzner (for the box) namecheap (for the domain)

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
Powershell

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): output from certbot --version = certbot 2.6.0

I had a server before with this domain and it worked fine did some updates that required me to build it again from scratch and got it working with HTTP when I try and add certbot to let it be HTTPS it gives me ERR_TOO_MANY_REDIRECTS far as I can tell I'm not using Cloudflare my redirects on the domain seem to be set correctly and now I'm lost as I'm running another instance of the same server on a different box from the same hosting services and same set up just with a different domain and that is working fine the only difference between the two is that one is a new domain and the other in an old domain

2

There's some misconfiguration in either nginx or the application you're using. Your certificate is installed just fine, tho.

❯ curl -IL www.asteroidminingindustries.xyz
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:47 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.asteroidminingindustries.xyz/

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LY:LnKoaRFx8zy4kirq7E0svHki47w5tyESigRfmGCytC0; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LZ:1b62xle8yijYriPORWJf411ioGp7Xc1o_vbJYO1pP-I; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/
X-Frame-Options: DENY
Vary: Accept-Language, Cookie
Content-Language: en
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Set-Cookie: messages=.eJw9zbEOgzAMBNBfsTK1UoQy0A_o0IG5I0LICi6kAofaTiX-vlCpne_dXdu6vn9q5n4hVRzJ-eDr4N212ATEMRc2EhoAGUgkC6yS424Tj7DlIiD0KqTmYZ0JlcBkAxwxcQXNA2yiX49Ek5r-YcxsGO1LcFgS76mgZdEKTpcQoDmuGWe4k7xJ4HbsnF3XfQBK8EEM:1qc1LZ:1b62xle8yijYriPORWJf411ioGp7Xc1o_vbJYO1pP-I; HttpOnly; Path=/; SameSite=Lax

HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 01 Sep 2023 10:25:49 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: /dashboard/

(It goes on)
3 Likes
3

I'm a new person to all of this and iv stumbled my way through setting this all up is there any way that I should check to see if I can find the problem to fix it? ty for the confirmation that it is installed right

4

Check your nginx config for some return 302 blabla statements, and show us.

3 Likes
5

server {

server_name www.asteroidminingindustries.xyz;

location = /favicon.ico { access_log off; log_not_found off; }

location /static {
    alias /var/www/myauth/static;
    autoindex off;
}

location /robots.txt {
    alias /var/www/myauth/static/robots.txt;
}

# Gunicorn config goes below
location / {
    include proxy_params;
    proxy_pass http://127.0.0.1:8000;
}

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.asteroidminingindustries.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.asteroidminingindustries.xyz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = www.asteroidminingindustries.xyz) {
return 301 https://$host$request_uri;
} # managed by Certbot

listen 80;
listen [::]:80;

server_name www.asteroidminingindustries.xyz;
return 404; # managed by Certbot

}

I believe this is the right config file

6

This looks ok. Check gunicorn and its redirects too?

3 Likes
7

i cant find a file called gunicorn.config or gunicorn.config.py but I have got this that is related to running gunicorn

[program:gunicorn]
user = allianceserver
directory=/home/allianceserver/myauth/
command=/home/allianceserver/venv/auth/bin/gunicorn myauth.wsgi --workers=3 --timeout 120
stdout_logfile=/home/allianceserver/myauth/log/gunicorn.log
stderr_logfile=/home/allianceserver/myauth/log/gunicorn.log
autostart=true
autorestart=true
stopsignal=INT

and this is the only thing that i have set in relation to gunicorn

if it helps im working off this install guide Gunicorn — Alliance Auth documentation

8

your python app, then.

ot the proxy_params file, wherever it is.

something is issuing these redirects (maybe it doesn't expect a reverse proxy, check the documentation)

4 Likes
9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.