Multisite configuration not working anymore (secured connection failed)

gextan · May 12, 2018, 2:13am

My domain is: several domains, eg drapeau.biz
My web server is (include version): NGINX
The operating system my web server runs on is (include version): Debian
My hosting provider, if applicable, is: OVH

Hi,
I have several websites on the same server, all of them with a https setting
Everything was working fine until lately I discovered it was impossible to connect to any of them despite the fact that i didn’t change anything
I realized that removing the redirection to https made the websites work again, meaning it works with http. So I figured out it has something to do with the https setting somewhere
I renewed the certificate, nothing changed

I have a typical virtiual host file for all my websites as follow

server {
listen 80;
server_name www.drapeau.biz drapeau.biz;
return 301 https://drapeau.biz$request_uri;
}
server {
listen 433;
server_name www.drapeau.biz;
return 301 https://drapeau.biz$request_uri;
}

server {
listen 443 ssl http2;
server_name drapeau.biz;
etc…

I realized that putting “default_server” in the line “listen 443 default_server ssl http2” made it works again ! But I can’t put “default_server” for all my websites !
Again, I didn’t change anything and it was working fine before, so this is really confusing
Thanks

stevenzhu · May 12, 2018, 2:20am

Hi ,

Can you run nginx -v and share the output?

Thank you

gextan · May 12, 2018, 2:27am

Hi
nginx version: nginx/1.13.12
Thanks

mnordhoff · May 12, 2018, 2:30am

SSL virtual hosts are required to have ssl_certificate and ssl_certificate_key directives. (People often have other ssl_* directives, but it's not required.)

Also, one of those has port 433 instead of port 443.

gextan · May 12, 2018, 2:39am

Wahou ! I never realized that typo error before : 443 vs 433 !!
So I changed it as follow, but still not working

server {
listen 80;
server_name www.drapeau.biz drapeau.biz;
return 301 https://drapeau.biz$request_uri;
}

server {
listen 443 ssl http2;
server_name drapeau.biz;

access_log  /var/www/drapeau.biz/logs/nginx_access.log vhosts;
error_log  /var/www/drapeau.biz/logs/nginx_error.log;

    root   /var/www/drapeau.biz/www;
index  index.php;

client_max_body_size 150m;

ssl on;
  ssl_certificate /etc/letsencrypt/live/drapeau.biz/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/drapeau.biz/privkey.pem;
  ssl_session_timeout 5m;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
  ssl_prefer_server_ciphers on;

gextan · May 12, 2018, 3:02am

Just found what was wrong !
the key is that nginx is loading vhosts in ascii order,
And I created some days ago a new vhost that was before drapeau.biz in ascii order, but the website related to this new vhosts was not yet on the server.
By deleting this new vhost, everything went back to normal !
thanks

system · June 11, 2018, 3:17am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.