This is simple — but I’ve seen it done in a few different ways. This is the shortest possible recipe:
[code]
server {
listen 80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
[/code]
Ensure that you only listen for 443 ssl in other config files, e.g.
[code]
server {
root /home/stephan/src/testsite/www;
index index.html;
server_name www.testsite.com;
#listen 80 default_server;
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/testsite/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/testsite/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/testsite/chain.pem;
…
[/code]
Leave a Reply