Dealing with nginx 400 The plain HTTP request was sent to HTTPS port error

Question

I m running a Sinatra app behind passenger nginx  I m trying to get it to respond to both http and https calls  The problem is  when both are defined in the server block https calls are responded to normally but http yields a 400  The plain HTTP request was sent to HTTPS port  error  This is for a static page so I m guessing Sinatra has nothing to do with this  Any ideas on how to fix this   Here s the server block   server           listen 80          listen 443  ssl          server name localhost          root  home myhome app public          passenger enabled on           ssl on          ssl certificate       opt nginx ssl keys ssl crt          ssl certificate key   opt nginx ssl keys ssl key          ssl protocols        SSLv3 TLSv1          ssl ciphers          HIGH  aNULL  MD5           location  static               root   home myhome app public              index  index html index htm index php                     error page 404  404 html             redirect server error pages to the static page  50x html         error page 500  500 html           access log  home myhome app logs access log          error log  home myhome app logs error log

User · Answer

The above answers are incorrect in that most over-ride the 'is this connection HTTPS' test to allow serving the pages over http irrespective of connection security.

The secure answer using an error-page on an NGINX specific http 4xx error code to redirect the client to retry the same request to https. (as outlined here https://serverfault.com/questions/338700/redirect-http-mydomain-com12345-to-https-mydomain-com12345-in-nginx )

The OP should use:

server {
  listen        12345;
  server_name   php.myadmin.com;

  root         /var/www/php;

  ssl           on;

  # If they come here using HTTP, bounce them to the correct scheme
  error_page 497 https://$server_name:$server_port$request_uri;

  [....]
}

User · Answer

I ran into a similar problem   It works on one server and does not on another server with same Nginx configuration   Found the the solution which is answered by Igor here http   forum nginx org read php 2 1612 1627 msg-1627  Yes  Or you may combine SSL non-SSL servers in one server   server     listen 80    listen 443 default ssl       ssl on   - remember to comment this out

User · Answer

I had the exact same issue  I have kind of the same configuration as your exemple and I got it working by removing the line    ssl on   To quote the doc      If HTTP and HTTPS servers are equal  a single server that handles both HTTP and HTTPS requests may be configured by deleting the directive    ssl on    and adding the ssl parameter for   443 port

User · Answer

According to wikipedia article on status codes  Nginx has a custom error code when http traffic is sent to https port error code 497  And according to nginx docs on error page  you can define a URI that will be shown for a specific error  Thus we can create a uri that clients will be sent to when error code 497 is raised  nginx conf  lets assume your IP address is 89 89 89 89 and also   that you want nginx to listen on port 7000 and your app is running on port 3000  server       listen 7000 ssl        ssl certificate  path to ssl certificate cer      ssl certificate key  path to ssl certificate key key      ssl client certificate  path to ssl client certificate cer       error page 497 301  307 https   89 89 89 89 7000 request uri       location             proxy pass http   89 89 89 89 3000            proxy pass header Server          proxy set header Host  http host          proxy redirect off          proxy set header X-Real-IP  remote addr          proxy set header X-Forwarded-Protocol  scheme           However if a client makes a request via any other method except a GET  that request will be turned into a GET  Thus to preserve the request method that the client came in via  we use error processing redirects as shown in nginx docs on error page And thats why we use the 301  307 redirect  Using the nginx conf file shown here  we are able to have http and https listen in on the same port

User · Answer

if use phpmyadmin add  fastcgi param HTTPS on

User · Answer

Here is an example to config HTTP and HTTPS in same config block with ipv6 support  The config is tested in Ubuntu Server and NGINX 1 4 6 but this should work with all servers    server         support http and ipv6     listen 80 default server      listen      80 default server ipv6only on         support https and ipv6     listen 443 default server ssl      listen      443 ipv6only on default server ssl         path to web directory     root  path to example com      index index html index htm         domain or subdomain     server name example com www example com         ssl certificate     ssl certificate  path to certs example com-bundle crt      ssl certificate key  path to certs example com key       ssl session timeout 5m       ssl protocols SSLv3 TLSv1 TLSv1 1 TLSv1 2      ssl ciphers  HIGH  aNULL  MD5 or HIGH  aNULL  MD5  3DES       ssl prefer server ciphers on      Don t include ssl on which may cause 400 error  The config above should work for     http   example com      http   www example com      https   example com      https   www example com   Hope this helps

User · Answer

The error says it all actually  Your configuration tells Nginx to listen on port 80  HTTP  and use SSL  When you point your browser to http   localhost  it tries to connect via HTTP  Since Nginx expects SSL  it complains with the error   The workaround is very simple  You need two server sections   server     listen 80        other directives       server     listen 443     ssl on       SSL directives          other directives

User · Answer

Actually you can do this with     ssl off     This solved my problem in using nginxvhosts  now I am able to use both SSL and plain HTTP   Works even with combined ports

[nginx] Dealing with nginx 400 "The plain HTTP request was sent to HTTPS port" error

Examples related to nginx