Nginx – Setting up SSL – https works, http not working


Update: A temp solution I found was to just redirect all http requests to https.

I have been working on setting up SSL on my website. It is like on a Rails.

I use nginx with unicorn. I bought the certificate from GoDaddy. Then I set it up and generated the CSR at /etc/nginx/ssl by following the instructions of this document.

Then I copied the text of the generated .csr file and used it to issue the certificate from GoDaddy. After the certificate was issued I downloaded the key bundle generated on GoDaddy and followed the instruction found on this document.

Then configured my /etc/nginx/sites-enabled/mysite.conf file:

(I added the following lines under the server { … })

  listen 443;
  ssl on;
  ssl_certificate /etc/nginx/ssl/mysite.crt;
  ssl_certificate_key /etc/nginx/ssl/mysite.key;

(I replaced listen 80 default; with listen 443;)

Then, I restarted the server and got the HTTPS://www.example.com working. The https was with green color and was showing that the certificate is fine.

However when I browse to HTTP://www.example.com I get an error: 502 Bad Gateway – nginx.

I am not sure what is causing this. Any clue?

If you need any other information, let me know and I will post it.

My sites config:

/etc/nginx/sites-enabled/example.conf 

upstream example {
  server unix:/u/app/example/shared/.sock fail_timeout=0;
}

server {
  listen 80;
  server_name  www.example.com;
  root   /u/app/example/current/public/;
  access_log  /u/app/example/shared/log/nginx.access.log;
  error_log  /u/app/example/shared/log/nginx.error.log;
  client_max_body_size 20M;

  try_files $uri/index.html $uri.html $uri @app;
  location @app {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect off;
    proxy_pass http://example;
  }
}

My /etc/nginx/nginx.conf:

user www-data;
worker_processes 4;
pid /var/run/nginx.pid;

events { worker_connections 1024; }

http {
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        server_tokens off;

        server_names_hash_bucket_size 64;
        # server_name_in_redirect off;

        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        upstream app_server { server 127.0.0.1:8080 fail_timeout=0; }

        access_log /var/log/nginx/access.log;
        error_log /var/log/nginx/error.log;

        gzip on;
        gzip_disable "msie6";
        gzip_types text/plain text/xml text/css text/comma-separated-values;

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;
}

and the /etc/nginx/sites-available/default file is:

server {
        root /u/app/example/current/public;
        server_name _;
        index index.htm index.html;

        location / {
                try_files $uri/index.html $uri.html $uri @app;

        }

#       location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|mp3|flv|mpeg|$
        location ~* ^.+\.(jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|mp3|flv|mpeg|avi)$ {
                try_files $uri @app;
        }

        location @app {
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_redirect off;
                proxy_pass http://app_server;
        }

}

The log file when I had both:

listen 80;
listen 443;

was outputting:

212.50.121.69 - - [28/Jul/2014:15:35:53 +0000] "-" 400 0 "-" "-"

Best Answer

You need to use:

listen 80;
listen 443 ssl;

in those virtualhosts where you want to use both https and http.

I would prefer a redirect from http to https. Then you need to make a separate virtual host for http that redirects all requests to the https version.