Get the most out of your Centmin Mod LEMP stack
Become a Member

SSL Letsencrypt Cloudflare ERR_TOO_MANY_REDIRECTS error after applying cloudflare SSL

Discussion in 'Domains, DNS, Email & SSL Certificates' started by pheonis, Feb 9, 2020.

  1. pheonis

    pheonis Member

    62
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    6:09 PM
    Last day I added vhost and WordPress using the 22 option. After adding the domain. It was opening fine.
    Then I applied, Http and non-www redirect to https and www version. My domain.com.ssl.conf value:
    PHP:
     server {
       
    server_name domain.com;
        return 
    302 https://www.domain.com$request_uri;
     
    }

    server {
      
    listen 443 ssl http2;
      
    server_name domain.com;
      return 
    302 https://www.domain.com$request_uri;
      
    ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
      
    ssl_certificate      /usr/local/nginx/conf/ssl/domain.com/domain.com.crt;
      
    ssl_certificate_key  /usr/local/nginx/conf/ssl/domain.com/domain.com.key;
      include /
    usr/local/nginx/conf/ssl_include.conf;
    }

    server {
      
    listen 443 ssl http2;
      
    server_name www.domain.com;
      
    ssl_dhparam /usr/local/nginx/conf/ssl/domain.com/dhparam.pem;
      
    ssl_certificate      /usr/local/nginx/conf/ssl/domain.com/domain.com.crt;
      
    ssl_certificate_key  /usr/local/nginx/conf/ssl/domain.com/domain.com.key;
      include /
    usr/local/nginx/conf/ssl_include.conf;
    Added Cloudflare line in the domain.com.ssl.conf
    Code:
    include /usr/local/nginx/conf/cloudflare.conf;
    Then set my Cloudflare SSL to "Full" in my Cloudflare dashboard.

    Now I am getting "ERR_TOO_MANY_REDIRECTS" error when I try to open my website in incognito mode.


    My Curl outputs:
    Code:
    curl -I http://domain.com
    Code:
    HTTP/1.1 302 Moved Temporarily
    Date: Sun, 09 Feb 2020 08:46:52 GMT
    Content-Type: text/html
    Connection: keep-alive
    Set-Cookie: __cfduid=db57d00760cc548ad9c85f29336c4ea8c1581238012; expires=Tue, 10-Mar-20 08:46:52 GMT; path=/; domain=.domain.com; HttpOnly; SameSite=Lax
    Location: https://www.domain.com/
    X-Powered-By: centminmod
    CF-Cache-Status: DYNAMIC
    Server: cloudflare
    CF-RAY: 56249348cd0be7ad-LAX
    
    Code:
    curl -I https://domain.com
    Code:
    HTTP/1.1 302 Moved Temporarily
    Date: Sun, 09 Feb 2020 08:50:23 GMT
    Content-Type: text/html
    Connection: keep-alive
    Set-Cookie: __cfduid=d3e6c453e272fcd749bbbc67dcc2b808a1581238223; expires=Tue, 10-Mar-20 08:50:23 GMT; path=/; domain=.domain.com; HttpOnly; SameSite=Lax
    Location: https://www.domain.com/
    X-Powered-By: centminmod
    CF-Cache-Status: DYNAMIC
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 562498701c30eabb-LAX
    
    Code:
    curl -I https://www.domain.com
    Code:
    HTTP/1.1 301 Moved Permanently
    Date: Sun, 09 Feb 2020 08:53:44 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Set-Cookie: __cfduid=d9750fda5d2913643304046b3cbe8ab311581238423; expires=Tue, 10-Mar-20 08:53:43 GMT; path=/; domain=.domain.com; HttpOnly; SameSite=Lax
    X-Redirect-By: WordPress
    Location: https://domain.com/
    X-Powered-By: centminmod
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-Page-Speed: 1.13.35.2-0
    Cache-Control: max-age=0, no-cache
    CF-Cache-Status: DYNAMIC
    Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
    Server: cloudflare
    CF-RAY: 56249d54bc1598ff-LAX
    
    Code:
    curl -I http://www.domain.com
    Code:
    HTTP/1.1 200 OK
    Date: Sun, 09 Feb 2020 08:57:13 GMT
    Content-Type: text/html; charset=UTF-8
    Connection: keep-alive
    Set-Cookie: __cfduid=d40f72a4a37b518e6e3f9a3a23f0949b91581238633; expires=Tue, 10-Mar-20 08:57:13 GMT; path=/; domain=.domain.com; HttpOnly; SameSite=Lax
    Vary: Accept-Encoding
    X-Powered-By: centminmod
    X-Page-Speed: 1.13.35.2-0
    Cache-Control: max-age=0, no-cache
    CF-Cache-Status: DYNAMIC
    Server: cloudflare
    CF-RAY: 5624a2765c4fe7d9-LAX
    
     
  2. eva2000

    eva2000 Administrator Staff Member

    54,523
    12,211
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,780
    Local Time:
    10:39 PM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    if you set non-https to https redirect on nginx level, disable HTTPS redirect/always use HTTPS in cloudflare dashboard or choose one method but not both
     
  3. pheonis

    pheonis Member

    62
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    6:09 PM
    I have set my SSL mode to Full(Encrypts end-to-end, using a self signed certificate on the server) in Cloudflare. As you pointed outHTTPS redirect/always use HTTPS. It's disabled. Still facing the issue.
     
  4. pheonis

    pheonis Member

    62
    3
    8
    Dec 21, 2018
    Ratings:
    +4
    Local Time:
    6:09 PM
    If i set the SSL mode to "Flexible(Encrypts traffic between the browser and Cloudflare)". Then My website opens with the Centmin page, not the bydefault Wordpress page.