Redirect all but one sub domain to https?

Question

This post is very close to what I am looking for. But what I am looking for is

letsencrypt.example.com   should always be http
          *.example.com   should always be https

Using the solution from this post I can rewrite all http to https by

server {
  listen 80;
  server_name test.example.com;
  rewrite     ^   https://$http_host$request_uri? permanent;
}

and then onwards do

server {
  listen 443 ssl;
  ...

Question

But how can I make sure that letsencrypt.example.com remains at http port 80?

score 1 · Accepted Answer · answered May 19 '16 at 12:59

You should use an explicit server for letsencrypt.example.com and then use a catch-all server for the redirection.

Your port 80 server blocks would look Like this:

server {
    listen 80;
    server_name letsencrypt.example.com;
    ...
}
server {
    listen 80 default_server;
    return 301 https://$http_host$request_uri;
}

See this documentation for details.

Redirect all but one sub domain to https?

1 Answers1