I successfully used certbot --nginx to generate my certificate on my Ubuntu 16.04 64 bit VPS. The domain is www.zozzxx.xyz. I chose “Easy - Allow both HTTP and HTTPS access to these sites”
However, when I access the domain in Firefox I get: “The page isn’t redirecting properly. Firefox has detected that the server is redirecting the request for this address in a way that will never complete.”
In Chrome, I get: “The plain HTTP request was sent to HTTPS port. 400 Bad Request.”
How can I rectify this error? Thanks. I imagine I need to edit some nginx files but I’m not sure what to change.
The “server block” shows:
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTP
server {
include /etc/nginx/sites-conf.d/default/*.conf;
listen 443 ssl;
server_name www.zozzxx.xyz;
ssl on;
ssl_certificate /etc/letsencrypt/live/www.zozzxx.xyz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.zozzxx.xyz/privkey.pem;
# managed by Certbot
My VPS uses Nginx and, in /etc/nginx/sites-available/00-default.conf, I did add a vhost for HTTP 80. However, that created numerous other different errors.
I have, in /etc/nginx/sites-available.bak/default, the following code:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name _;
I did edit and add this code to the 00-default.conf file but it made more of a mess than was the case previously. How would you edit this code (if this is, indeed, the correct code) so that I can include it in the 00-default.conf file?
You mentioned Cloudflare. My domain registrar DNS is pointed to Cloudflare and Cloudflare shows:
A www --> points to IP address.
A zozzxx.xyz --> points to IP address.
Is this wrong? Is this why I have the redirection? I can't see how else I should set up Cloudflare.
Any other help you can provide would be warmly appreciated.
ISSUE 1. the endless (looped) redirection:
All of that looks ok.
Unless there is something strange in either:
include /etc/nginx/sites-conf.d/default/.conf;
or
include /etc/nginx/sites-conf.d/default-ssl/.conf;
(very low probability)
https://www.zozzxx.xyz/
returns:
<html><head><meta HTTP-EQUIV=“REFRESH” content=“0; url=/mail/”></head></html>
(which seems well enough; and not behind CloudFlare - using IP 139.59.166.172) But it is using a self-signed cert - not one from LE. This indicates that we have definitely missed something…
So, what is in the /var/www/html/mail/ folder that makes this loop?
ISSUE 2. error 400 on http://zozzxx.xyz/ and https://zozzxx.xyz/
This error is most likely corrected somewhere within the CloudFlare configuration.
Most likely the backend is misconfigured or inaccessible by CloudFlare.
The current situation is that I have one of two errors. In the first, I have a valid certificate but with unending 302 redirections (looping).
In the second, as you mention, I have a self-signed certificate but I can access the site.
Right now, I have set it to the looping. I have no idea how to resolve this. A search for Lets Encrypt 302 nginx doesn’t reveal anything. How can I have looping but a valid certificate or no looping but a self-signed certificate?
Fair enough. I installed LE certs using certbot --nginx and it worked. The certs are in the /live/domain_name directory. But when I connect to my domain, the cert works but it creates a 302. If I disable the cert in Nginx, I can connect (no 302). The only reason I have a 302 is after Certbot created the certs and modified the 00-default,conf file.