ruby on rails - serve ssl webpage via nginx, ssl_error_rx_record_too_long -

-

please me: there wrong in virtual.conf nginx conf file means when viewing site, error ssl_error_rx_record_too_long rather being able view site. using aws, nginx serve rails apps - working yesterday, crashed entire server , frantically trying fix @ 2am, ready production @ 9:30am.

ssl_certificate     /etc/ssl/star_my_site.pem; ssl_certificate_key         /etc/ssl/star_my_site.key;   # ------------------ # rails app 1 # ------------------  upstream my_app {   server unix:///var/run/puma/my_app.sock; }  server {   listen      80; #  server_name rails_app_one.my_site.com.au www.rails_app_one.my_site.com.au;   server_name _ localhost;   return      301 https://rails_app_one.my_site.com.au; }  server {   listen   443;   server_name _ localhost;    location / {      proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;      proxy_set_header x-forwarded-proto https;      proxy_set_header host $http_host;      proxy_redirect off;      proxy_pass http://my_app;   }    location ~ "^/assets/" {     root /var/app/current/public;     gzip_static on;     expires max;     add_header cache-control public;   } }  # ------------------ # rails app 2 # ------------------  upstream rails_app_two_app {   server unix:///var/run/puma/rails_app_two_app.sock; }  server {   listen      80;   server_name rails_app_two.my_site.com.au www.rails_app_two.my_site.com.au;   return      301 https://rails_app_two.my_site.com.au; }  server {   listen   443;   server_name  rails_app_two.my_site.com.au;    location / {      proxy_set_header x-forwarded-for $proxy_add_x_forwarded_for;      proxy_set_header x-forwarded-proto https;      proxy_set_header host $http_host;      proxy_redirect off;      proxy_pass http://rails_app_two_app;   }    location ~ "^/assets/" {     root /var/app/rails_app_two.my_site.com.au/current/public;     gzip_static on;     expires max;     add_header cache-control public;   } }

ssl_error_rx_record_too_long means server returning plain http content when browser expecting https content. (you can verify going http://your.site:443 , seeing site.)

you need enable ssl in nginx - declaring ssl_certificate isn't enough.

change listen 443; listen 443 ssl;

(also, i'd suggest putting ssl_certificate in server block, can use different ssl certs other domains.)

edit: https://serverfault.com/questions/497430/error-code-ssl-error-rx-record-too-long has exact same issue, found before 9am production release!


Comments

Post a Comment

Popular posts from this blog

java - Custom OutputStreamAppender not run: LOGBACK: No context given for <MYAPPENDER> -

-
i wish write custom appender on basis of outputstreamappender . wrote following class package tests; import java.io.ioexception; import java.io.outputstream; import ch.qos.logback.core.outputstreamappender; public class myappender<e> extends outputstreamappender<e> { public myappender() { system.out.println("myappender created"); setoutputstream(new outputstream() { @override public void write(int b) throws ioexception { throw new unsupportedoperationexception(); } }); } } then wrote following runner: package tests; import org.slf4j.loggerfactory; import ch.qos.logback.classic.logger; public class runner { private static final logger log = (logger) loggerfactory.getlogger(runner.class); public static void main(string[] args) { //log.addappender(new myappender<iloggingevent>()); log.info("hello world"); } } finall...
Read more

java - UML - How would you draw a try catch in a sequence diagram? -

-
Image
is there standard way of drawing try catch sequence diagrams? i've made attempt based on this feel end result doesn't feel right. code diagram based around: public static void save () { try { filehandle filehandle = gdx.files.external(file); filehandle.writestring(boolean.tostring(constantshandler.soundenabled)+"\n", false); (int = 0; < 5; i++) { filehandle.writestring(integer.tostring(constantshandler.highscores[i])+"\n", true); } } catch (throwable e) { } } my attempt note: know still need add loop. that's ok. fragments meant show conditional control flow in sequence diagram. superstructures puts limitations on use of fragments (see pp. 467 of ss2.1.1). should use critical region try part above. , option catch . however, keep telling can take quite freedom in using uml. it's language , such changes in life time. long reader ge...
Read more

c++ - No viable overloaded operator for references a map -

-
i trying use map can make tag names reference number. when try , use it, in code error (6 in total every time reference map): src/main.cpp:25:45: error: no viable overloaded operator[] type 'std::map<std::string, std::string>' const char* idcs = node.child_value(tagmap[3]); this code: #include "pugi/pugixml.hpp" #include <iostream> #include <string> #include <map> int main() { pugi::xml_document doca, docb; std::map<std::string, pugi::xml_node> mapa, mapb; std::map<std::string, std::string> tagmap {{"1", "data"}, {"2", "entry"}, {"3", "id"}, {"4", "content"}}; if (!doca.load_file("a.xml") || !docb.load_file("b.xml")) { std::cout << "can't find input files"; return 1; } (auto& node: doca.child(tagmap[1]).children(tagmap[2])) { co...
Read more