Redirect nginx port 80 to http2 443 fails

Question

Searched tons of links on the web, I don't get why this conf doesn't redirect properly from http://example.com to https://example.com

My nginx conf:

# HTTPS
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;

    index index.html;

    # Prevent nginx HTTP Server Detection
    server_tokens off;

    server_name example.org;
    root /home/www/example.org;

    # Let's Encrypt conf
    include /etc/nginx/ssl.conf;

    access_log  /var/log/nginx/example.org.access.log;
}

# HTTP redirect
server {
    listen 80;
    listen [::]:80;

    server_name example.org;

    location / {
        return 301 https://$server_name$request_uri;

    }
}

netstat:

# netstat -nptl | grep :80
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      71768/nginx: master 
tcp6       0      0 :::80                   :::*                    LISTEN      71768/nginx: master

What I'm doing wrong?

When I try curl, I get:

$ curl -Lv http://example.org
*   Trying 123:123:123:123:80...
* Connected to example.org (123:123:123:123) port 80 (#0)
> GET / HTTP/1.1
> Host: example.org
> User-Agent: curl/7.81.0
> Accept: */*
>
* Received HTTP/0.9 when not allowed
* Closing connection 0
curl: (1) Received HTTP/0.9 when not allowed

And a telnet:

$ telnet example.org 80
Trying 123:123:123:123...
Connected to example.org.
Escape character is '^]'.
GET / HTTP/1.1
Connection closed by foreign host.

Let'sEncrypt file

ssl_certificate /etc/letsencrypt/live/example.org-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org-0001/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dh2048.pem;
add_header Strict-Transport-Security "max-age=63072000";
ssl_session_cache shared:SSL:1m;

No issue with SSL vhost.

Possibly you have one or more additional server blocks you haven't disclosed and that the problem could be in there. Please edit your question to include the output of `nginx -T` - an example of a similar issue where the problem was related to a 'spdy' or 'http2' directives in a different server entry on port 80 https://serverfault.com/q/1041653/37681 — HBruijn, Mar 23 '23 at 15:14

score 3 · Answer 1 · answered Mar 23 '23 at 07:57

3

Try replacing

server {
    listen 80;
    listen [::]:80;

    server_name example.org;

    location / {
        return 301 https://$server_name$request_uri;

    }
}

with

server {
    listen 80;
    listen [::]:80;

    server_name example.org;
    return 301 https://$server_name$request_uri;
}

answered Mar 23 '23 at 07:57

Rad

43
1
5

No, it doesn't work. Same error with `curl` and https://downforeveryoneorjustme.com/ said it's down on http – Mévatlavé Kraspek Mar 23 '23 at 08:11
The 80 port is reachable as client side – Mévatlavé Kraspek Mar 23 '23 at 08:19
my letsencrypt conf has 3 lines `ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; include snippets/ssl-params.conf;` ... are you sure, you're including everything ? – Rad Mar 23 '23 at 09:09
The 443 `vhost` works as a charm. The 80 one, have no `ssl` conf – Mévatlavé Kraspek Mar 23 '23 at 12:20
Added LetsEncrypt file in my original POST – Mévatlavé Kraspek Mar 23 '23 at 12:30
Issue find, see duplicated, plused+ – Mévatlavé Kraspek Mar 23 '23 at 16:26

Redirect nginx port 80 to http2 443 fails

1 Answers1