The error is "Could not automatically find a matching server block for xref.colab.duke.edu. Set the server_name directive to use the Nginx installer."
nginx -t works fine.
My conf file:
server{
listen 80;
server_name www.hi.edu; # correct and working webpage
location /static/{
root /home/lz211/xref-project/xref/static/;
}
location / {
proxy_pass https://www.hi.edu;
}
}
could someone help in this case?
Thank you!
The error showed this domain name. Was this the name you requested a cert for?
Because the nginx config had a different name
I'm lost...
How does this work?:
Your server is going to host the HTTP site and proxy it to the HTTPS site?
Doing so would remove the encryption from your visitors.
yes, I used xref.colab.duke.edu here.
Sorry about the confusion. Here I am trying to encrypt from http to https
then your nginx server_name should be that name too
If you mean to ensure that all requests use only HTTPS, then you want to redirect the HTTP requests [not proxy them that way].
Yes, that too 
!
Yes, I changed it exactly the same. Thank you!
I finally found my problem has overwritten the file I am not supposed to do.
I used sudo vi /etc/apt/sources.list.d/nginx.list.
Now this domain's http works and it connects with the Django part. However, the https gives me
nginx/1.18.0 (Ubuntu)
Here is my /etc/nginx/sites-available/xref file:
server{
server_name xref.colab.duke.edu;
location /static/ {
root /home/lz211/xref-project/xref/static/;
}
location / {
proxy_pass https://xref.colab.duke.edu:8000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/xref.colab.duke.edu/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/xref.colab.duke.edu/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server{
if ($host = xref.colab.duke.edu) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name xref.colab.duke.edu;
return 404; # managed by Certbot
}
I used Certbot for this. Do you mean I need to choose to redirect for the options listed?
This error
is from this
Using HTTPS (port 443) to your domain works fine and I see a fresh cert (link here)
But, your proxy_pass is failing. Depending on your requirements you may not need HTTPS on that proxy_pass and instead just use HTTP. But, that is a design decision for you to make. There is no single right or wrong answer.
Since you have chosen HTTPS then you need to make sure you setup your port 8000 service to handle an HTTPS connection. This is a general system design question which is not the focus of this forum.
That one file is trying to listen to two ports [one securely and one not].
Two server blocks though although the coding doesn't make it clear.
What is the concern for having both in the same file?
I missed that - looked like it was in the same vhost!
Updated that post to make the separation clear.
Thank you Mike!
location / {
proxy_pass https://xref.colab.duke.edu:443;
}
However, when I changed it here, it still not work and shows 502 error.
when I use HTTP here
location / {
proxy_pass http://xref.colab.duke.edu:443;
}
It is 400 Bad Request The plain HTTP request was sent to HTTPS port.
I am not quite familiar with https, but the current file was somehow generated by certbot itself. Could you helo me in this case?
Thank you !
Certbot does not create a proxy_pass statement. If one was present in the port 80 server block it will be carried over to the port 443 block.
But, you must have created that to begin with. I've already described what you need to do.
That is not expected to work.
Try:
proxy_pass http://xref.colab.duke.edu;
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.