-2

I am having an odd issue. I configured a SSL proxy with Nginx serving a website in HTTP which is on 127.0.0.1:1195 (example.com is in my hosts pointing to 127.0.0.1). For some reason :

  • https://example.com:8765 doesn't work and gives ERR_NAME_NOT_RESOLVED
  • while https://www.example.com:8765 works
  • and https://ipaddress:8765 works as well.

What did I do wrong? Here is my nginx configuration 

  server {
    listen 8765 ssl;
    server_name example.com;

    error_log /var/log/nginx/service.log;

    ssl on;
    ssl_certificate /etc/nginx/certificate.crt;
    ssl_certificate_key /etc/nginx/certificate.key;
    ssl_dhparam /etc/nginx/dhparams.pem;

    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+$
    ssl_prefer_server_ciphers on;
    ssl_session_cache shared:SSL:10m;

    add_header  X-Robots-Tag "noindex, nofollow, nosnippet, n$

    location / {
            gzip off;
            proxy_set_header X-Forwarded-Ssl on;
            client_max_body_size 50M;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_for$
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Frame-Options SAMEORIGIN;
            proxy_pass http://example.com:1195;
    }

}

Jenny D
  • 27,780
  • 21
  • 75
  • 114
j_krz
  • 1
  • 2
  • 1
    Are you sure your SSL certificate is valid for both www.mydomain.com and plain mydomain.com? If it's only www., that would cause you SSL errors (it may help if you explain the exact nature of the error you're getting). – Carcer Jan 22 '16 at 17:51
  • 1
    Your question is poorly written and ambiguous. Why have you use a + instead of a t in http? You've said you've configured an ssl proxy for http, rather than https. The answer is probably like Carcer said. – Tim Jan 22 '16 at 18:54
  • @Carcer Yes I did deploy another website without www. – j_krz Jan 24 '16 at 08:18
  • @Tim Becausee Serverfault prevents me from posting more than "2 links"... – j_krz Jan 24 '16 at 08:20
  • Makes sense. Did you try what Carcer said? – Tim Jan 24 '16 at 08:22
  • @Tim I used Let's Encrypt the following way : ./letsencrypt-auto certonly --standalone -d mydomain.com -d www.mydomain.com So mydomain.com should be part of the certificate and mydomain.com is written as the CO in the certificate proprieties – j_krz Jan 24 '16 at 08:27
  • I tried generating a new certificate without Let's Encrypt and I still have ERR_NAME_NOT_RESOLVED – j_krz Jan 24 '16 at 09:00

1 Answers1

0

It seems the issue comes from my registar. There was a time whereeverything was working but now I cannot even ping my domain. The A record wasn't setup properly.

j_krz
  • 1
  • 2
  • I think you need to post the actual URL if you want further help. People can try to avoid quoting it so you can remove it later if required. – Tim Jan 24 '16 at 17:33
  • Thank you @Tim, actually the A record wasn't setup properly. My fault. – j_krz Jan 24 '16 at 19:40