Welcome! Log In Create A New Profile

Advanced

NGINX redirect to HTTPS, while still maintaining HTTP route for Let's Encrypt Challenges

Posted by andreigaspar 
I can successfully route traffic from port 80 to HTTPS, and I can also get the Let's Encrypt SSL certificate successfully. But my problem starts when I want to do both.

Whenever my certs are expiring I have to adjust the config to pass the Let's Encrypt challenges. And that's no good.

Here is the config that is passing the challenges successfully

------------------------------------------------

server {
listen 80;
listen [::]:80;
server_name example.com *.example.com;

#for certbot challenges (renewal process)
location ~ /.well-known/acme-challenge {
allow all;
root /data/letsencrypt;
}

root /data/letsencrypt;
index index.html;
}
------------------------------------------------------

And here is a config that routes the traffic to HTTPS

-----------------------------------------------------

server {
listen 80 default_server;
listen [::]:80 default_server;
server_name example.com *.example.com;

location / {
return 301 https://$host$request_uri;
}

return 444;
}
-----------------------------------------------------


Whenever I start trying to combine them, the routing to HTTPS seems to take over and the challenges break.

It could be also useful to note that I'm using Nginx as a reverse proxy in a Docker environment, so from HTTP, I'm routing to HTTPS, and from there I'm reverse proxying for other services.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 72
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready