C
C
Chvalov2016-12-01 07:03:48
Nginx
Chvalov, 2016-12-01 07:03:48

500 error after connecting SSL certificate in nginx, how to treat?

I decided to attach a certificate from CloudFlare to the site, until that moment the site worked perfectly.

default.conf
server {
        listen 80;
        server_name localhost;
        root /usr/share/nginx/html;
        index index.php index.html index.htm;

        # Redirect server error pages to the static page #
        location / {
                        try_files $uri $uri/ /index.php;
        }
                        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                        root /usr/share/nginx/html;
        }

        # Pass the PHP scripts to FastCGI server #
        location ~ \.php$ {
                        try_files $uri =404;
                        fastcgi_pass 127.0.0.1:9000;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                        fastcgi_index index.php;
                        include fastcgi_params;
       }
}

# My Site (Laravel)

        # Редиректим с www
        server {
                server_name www.example.com;
                return 301 $scheme://example.com$request_uri;
        }

        server {
                listen 443;
                ssl on;
                ssl_certificate /home/cert.pem;
                ssl_certificate_key /home/cert_key.pem;

                server_name .example.com;
                root /usr/share/nginx/html/laravel/public;

                index index.php;

                charset utf-8;

                location / {
                try_files $uri $uri/ /index.php$is_args$args;
        }

        location = /favicon.ico { access_log off; log_not_found off; }
        location = /robots.txt  { access_log off; log_not_found off; }

        # Added cache headers for images.
        location ~* \.(png|jpg|jpeg|gif)$ {
            expires 30d;
            log_not_found off;
        }

        location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass 127.0.0.1:9000;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_intercept_errors off;
                fastcgi_buffer_size 16k;
                fastcgi_buffers 4 16k;
        }

    gzip on;
    gzip_disable "msie6";
    gzip_comp_level 9;
    gzip_types text/plain text/html text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;

    location ~* ^.+\.(rss|atom|jpg|jpeg|gif|png|ico|rtf|js|css|ttf)$ {
        expires max;
    }

    location ~ /\.ht {
        deny all;
    }
}


/var/log/nginx/error.log:

2016/12/01 03:55:19 [error] 8289#8289: *1 could not find named location "@404", client: 172.68.10.204, server: localhost, request: "GET /index.php HTTP/1.1", host: "example.com"
2016/12/01 03:55:19 [error] 8289#8289: *2 could not find named location "@404", client: 172.68.11.48, server: localhost, request: "GET /favicon.ico HTTP/1.1", host: "example", referrer: "https://example/index.php"

iptables -L -n
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:80

When entering the site, it gives "500 Internal Server Error"
If you remove listen 443 from the config; everything works, but how then to be with the certificate??
What is the problem?
UPD .. 500 error occurs if you go to the site via http, if you write httpS://domain.com everything works

Answer the question

In order to leave comments, you need to log in

1 answer(s)
A
Alexander Valle, 2016-12-01
@v1pby

Is server_name correct in the server listen 80 block? You seem to be on the wrong host. And in general, the config on http is very different from https.
http - root /usr/share/nginx/html;
https - root /usr/share/nginx/html/laravel/public;
In general, you need to bring the config into a divine form.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question