Searched tons of links on the web, I don't get why this conf doesn't redirect properly from http://example.com to https://example.com
My nginx conf:
# HTTPS
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
index index.html;
# Prevent nginx HTTP Server Detection
server_tokens off;
server_name example.org;
root /home/www/example.org;
# Let's Encrypt conf
include /etc/nginx/ssl.conf;
access_log /var/log/nginx/example.org.access.log;
}
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name example.org;
location / {
return 301 https://$server_name$request_uri;
}
}
netstat:
# netstat -nptl | grep :80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 71768/nginx: master
tcp6 0 0 :::80 :::* LISTEN 71768/nginx: master
What I'm doing wrong?
When I try curl, I get:
$ curl -Lv http://example.org
* Trying 123:123:123:123:80...
* Connected to example.org (123:123:123:123) port 80 (#0)
> GET / HTTP/1.1
> Host: example.org
> User-Agent: curl/7.81.0
> Accept: */*
>
* Received HTTP/0.9 when not allowed
* Closing connection 0
curl: (1) Received HTTP/0.9 when not allowed
And a telnet:
$ telnet example.org 80
Trying 123:123:123:123...
Connected to example.org.
Escape character is '^]'.
GET / HTTP/1.1
Connection closed by foreign host.
Let'sEncrypt file
ssl_certificate /etc/letsencrypt/live/example.org-0001/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.org-0001/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/private/dh2048.pem;
add_header Strict-Transport-Security "max-age=63072000";
ssl_session_cache shared:SSL:1m;
No issue with SSL vhost.
