#StackBounty: #ruby-on-rails #ubuntu #ssl #nginx #lets-encrypt example.com redirected you too many times. ERR_TOO_MANY_REDIRECTS

Bounty: 50

I was trying to Secure Nginx with Let’s Encrypt on Ubuntu 16.04.

example.conf file before obtaining an SSL Certificate

server {
    server_name example.com www.example.com ;
    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/backup/mycode/public;
    # Turn on Passenger
    passenger_enabled on;
    rails_env development;
    passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;

}

http://example.com/ is working fine.

I try to Obtain an SSL Certificate by

sudo certbot --nginx -d example.com -d www.example.com

the result was

Your existing certificate has been successfully renewed, and the new certificate
has been installed.

The new certificate covers the following domains: https://example.com and
https://www.example.com

example.conf file after obtaining an SSL Certificate

server {
    server_name example.com www.example.com ;
    # Tell Nginx and Passenger where your app's 'public' directory is
    root /var/www/backup/example.com/public;
    # Turn on Passenger
    passenger_enabled on;
    rails_env development;
    passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;




    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name example.com www.example.com ;
    listen 80;
    return 404; # managed by Certbot

}

http://example.com/ is redirecting to https://example.com/ too many times

example.com redirected you too many times.
ERR_TOO_MANY_REDIRECTS

  1. Why is it redirecting too many times?
  2. what is the purpose of the second server block?
    server {
    if ($host = www.example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    
    
    if ($host = example.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot
    
    
    server_name example.com www.example.com ;
    listen 80;
    return 404; # managed by Certbot
    
     }
    
  3. How to make all redirects to https://www.example.com/ ?

EDIT1

Moving the certibot managed code to second server block has stopped the too many redirects problem. But my website is back again directing to HTTP instead of https.

    server {
            server_name example.com www.example.com ;
            # Tell Nginx and Passenger where your app's 'public' directory is
            root /var/www/backup/example.com/public;
            # Turn on Passenger
            passenger_enabled on;
            rails_env development;
            passenger_ruby /usr/local/rvm/gems/ruby-2.5.6/wrappers/ruby;

        }
        server {

            listen 443 ssl; # managed by Certbot
            ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; # managed by Certbot
            ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; # managed by Certbot
            include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
            ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
            if ($host = www.example.com) {
                return 301 https://$host$request_uri;
            } # managed by Certbot


            if ($host = example.com) {
                return 301 https://$host$request_uri;
            } # managed by Certbot


            server_name example.com www.example.com ;
            listen 80;
            return 404; # managed by Certbot

        }


Get this bounty!!!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.