0

I have website build with django and nginx. After adding Let's Encrypt SSL certificat using Certbot I get the error : ERR_TOO_MANY_REDIRECTS.

Please find the below nginx configuration :

server {
    listen 80 default_server;
    server_name www.example.com example.com;

    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl default_server;
    server_name www.example.com example.com;

    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


    location /favicon.ico { 
        access_log off; 
        log_not_found off; 
    }
    location /static/ {
        root /home/project;
    }

    location / {
        include proxy_params;
        proxy_pass http://unix:/run/gunicorn.sock;
    }
}

I think the problem is with return 301; part , but I have searched and I don't know what is wrong.

Alexandre Roux
  • 470
  • 1
  • 6
  • 20
Elkpeir
  • 3
  • 3
  • Check your web application. – Michael Hampton Oct 23 '18 at 19:47
  • Hi @MichaelHampton thanks for fast replay .. i don't know what you mean by check my web application , sorry I'm newbie .. can you tell me what exactly should i do ? – Elkpeir Oct 23 '18 at 19:53
  • You look at your Python code to determine where the redirect is coming from. – Michael Hampton Oct 23 '18 at 19:54
  • i have looked in my code and i don't think the problem with it .. because when i removed 301 redirect the https works fine – Elkpeir Oct 23 '18 at 20:17
  • @Michael do you think nginx configuration is fine ? – Elkpeir Oct 23 '18 at 20:18
  • I see nothing wrong with your nginx configuration. The trouble is either with your Django app, or you forgot to clear your browser cache. Or you have _another_ web server or load balancer in front of nginx that you forgot to mention. – Michael Hampton Oct 23 '18 at 20:20
  • i have cleared my browser cache many times , and i have only one web server , and i use cloudflare i don't know if he is the problem – Elkpeir Oct 23 '18 at 20:29
  • Yes, you need to also check your CloudFlare settings. You have to enable SSL full or strict in CloudFlare. Full SSL (strict) is recommended. – Michael Hampton Oct 23 '18 at 20:40
  • thanks man it works .. can you please put the solution on answer so i can accept it ? – Elkpeir Oct 23 '18 at 20:53

1 Answers1

1

Since you're using CloudFlare, you also need to enable SSL in your CloudFlare settings. Since you have a real SSL certificate on your origin server, you should use Full SSL (strict) in your CloudFlare settings.

Michael Hampton
  • 244,070
  • 43
  • 506
  • 972