domain only reachable with https:// in front

Jeff Dyke jeff.dyke at
Tue Nov 28 17:17:07 UTC 2017

I think it is unfortunate that certbot does it this way, with an if
statement, which i believe is evaluated in every request. I use something
like the following (with your names):

server {
  listen 80 default_server;
  listen [::]:80 default_server;
  return 301 https://$host$request_uri;

server {
  listen 443 ssl default_server;
  ssl_certificate /etc/letsencrypt/live/;
  ssl_certificate_key /etc/letsencrypt/live/;

  ....reset of config

Not part of your question, but I also use the hooks in webroot mode, rather
than nginx, for certbot, so it's never modifies my configuration, as the
sites-enabled files are managed by a configuration management system across
about 100 domains, some with special requirements.


On Tue, Nov 28, 2017 at 11:40 AM, pstnta <nginx-forum at>

> hi,
> thanks for answering,
> shouldn't that forward everything to https? so shouldn't it work with just
> instead of
> Posted at Nginx Forum:
> php?2,277546,277548#msg-277548
> _______________________________________________
> nginx mailing list
> nginx at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list