I have two web servers and one public static IP address. All incoming requests first go to server A (Nginx)and then via reverse proxy it comes to server B. I have 4 domains on server B using CentOS 6.9 & Apache.
On server A, I add SSL to one domain (which is hosted on server B) and it works perfect. https://pdappt.com
For managing server B, I am using Plesk. I successfully add SSL certificate for one domain on Plesk but I can not access it. All domains on server B are accessible via http without any issue.
Below is an error I get from Chrome. I cleared cookies multiple times, nothing works. Test if via different browser, it does not work. This page isn’t working myhsts.org redirected you too many times.
You have a redirection from https://myhsts.org/ to http://myhsts.org/ which doesn't have too much sens to me ;). But the loop problem is because you also have defined a Strict Transport Header to tell browsers that your site should be accessed via https always, so, you access to https and the browser gets the header to access always to https but you have a redirection to http site and again your browser tries to reach your https site and again the redirection to http.... and so on, you know
Thanks Sahsanu for your prompt and helpful response. I fixed the issue. On my .htaccess there was #RewriteRule forcing browsers to https…I commented it out and now everything works perfect.
https://pdappt.com/ redirects to http://www.pdappt.com/application/index.php and this to http://pdappt.com/application/index.php which seems not what you want… also, this site uses some links to non https sources so you will get warnings about mixed content in some browsers.
Regarding the first three links you would need to change http://code.jquery.com/blahblah to https://code.jquery.com/blahblah and will be fine but for the fourth link http://www.weg2g.com/contents/favicons/pdappt_favoricon.png seems this is a domain you own and it has the same redirection loop problem that you should fix.
Also, myhsts.org have the same issue, it has links to external sites pointg to http instead of https. http://player.vimeo.com and http://fonts.googleapis.com nad maybe others so this is something you should review.
Thanks Sahsanu for your note. I fixed the weg2g.com redirect issue…the was the same issue with .htaccess.
I updated all http: urls to https: on weg2g and pdappt.com and now working on myhsts.org.
Yes, you are using the wrong cert for www.weg2g.com, It uses the certificate valid only for myhsts.com. If you enter to your chat with this url https://weg2g.com/site_API/chat_api/client.php?locale=en it works as expected so it is a configuration issue on your side.
Ok, but for pdappt.com you have several redirects from https to http yet.
You already did it for myhsts.com and weg2g.org (you have issued 2 valid certificates, the first one only for the domain and the second one for the domain and www.domain);
CRT ID DOMAIN (CN) VALID FROM VALID TO EXPIRES IN SANs
139854221 myhsts.org 2017-May-17 19:29 CEST 2017-Aug-15 19:29 CEST 86 days myhsts.org
www.myhsts.org
139846387 myhsts.org 2017-May-17 19:02 CEST 2017-Aug-15 19:02 CEST 86 days myhsts.org
CRT ID DOMAIN (CN) VALID FROM VALID TO EXPIRES IN SANs
141312936 weg2g.com 2017-May-20 15:10 CEST 2017-Aug-18 15:10 CEST 89 days weg2g.com
www.weg2g.com
139846456 weg2g.com 2017-May-17 19:02 CEST 2017-Aug-15 19:02 CEST 86 days weg2g.com
So you should select the right path to the right certificate in your webserver conf. Using certbot client the certificates should be here /etc/letsencrypt/live/ and you could also check what are them and where they are located using certbot certificates command but with Plesk I've no idea because I don't use it.
I am trying to make both below links to works. I already have SSL for the first one but need to add SSL for the second one. I prefer not to use apache to redirect first to 2ed one.
You will see whether the cert is covering your myhsts.org and www.myhsts.org domains or only myhsts.org.
If you see both names, www and non-www then maybe your apache server needs to be reloaded to use the updated cert, if you only see the non-www domain you should review where your Plesk planel saved the issued cert for both domains. The same for weg2g.com.