SSL Redirect not working?

[spcqike]

Checklist

• Have you pulled and found the error with jc21/nginx-proxy-manager:latest docker image? Yes (Version 2.7.1 (72ac549) 2020-11-18 23:10:17 AEST, OpenResty 1.15.8.3, Alpine 3.1 2.0, Kernel 4.15.0-122-generic)
• Are you sure you're not using someone else's docker image? no
• If having problems with Lets Encrypt, have you made absolutely sure your site is accessible from outside of your network? not LE related

Describe the bug SSL Redirect does not work. I use a costum SSL Cert (no LE), and checked SSL redirect. the related proxy.conf gets changed, but there is no redirect. it just adds 2 empty lines between line 25 and line 34 (there are a lot of empty lines, tho)

To Reproduce create proxy host, add ssl certificate, check redirect.

Expected behavior add some sort of "return 301 https://$host$request_uri;"

Screenshots if needed, i can add some

Operating System

• NPM on Docker 19.03.14, running in a VM on a Dell Server.

Additional context its possible to access the website through http://sub.domain.com and https://sub.domain.com. the certificate gets handled out and is accepted just fine. there is just no redirect at all :)

[spcqike]

after further investigation, it seems, that the lines

 # Force SSL
    include conf.d/include/force-ssl.conf;

are missing in proxy_hosts, that contain a location.

in my case, i run php5 and php7 along with NPM in docker, both php instances have the same /var/www/html folder, they use different ports. so want to use like "sub1.domain.com" to give me "localhost:8100/sub1" and "sub2.domain.com" to "localhost:8200/sub2"

i dont know if this is "best practise", but it works well so far.

if i add this include conf.d/include/force-ssl.conf; after location/ { within the proxy.conf, everything works fine. so i guess it's a bug, that Force SSL is not added, when using locations :)

[escservices]

Can confirm, I'm having the same issues trying to reverse proxy Apache Guacamole. Force SSL doesn't seem to work on any configs that use a location block whether it's added via the "Custom Locations" tab or the "Advanced" tab. Also adding include conf.d/include/force-ssl.conf; as spcqike mentioned solved the issue for me as well.

[vleeuwenmenno]

This bug seems to still exist. Any workaround?

UPDATE: If I read a bit better I would've seen the message above. Config structure has changed slightly but by adding include conf.d/include/force-ssl.conf; to default.conf below the other includes inside the location/ { everything started working fine after a quick restart of the container.

Of course this isn't a permanent fix because rebuilding the container would require reapplying this too.

[leikoilja]

can confirm the bug on v2.9.18. i had to manually add include conf.d/include/force-ssl.conf; to default.conf, but it has to go before location/ {

[vleeuwenmenno]

can confirm the bug on v2.9.18. i had to manually add include conf.d/include/force-ssl.conf; to default.conf, but it has to go before location/ {

You're right my bad, it has to go before the tag indeed. But this isn't a permanent fix when you recreate the container it will wipe the change.

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1:

[duduws]

Sorry, but im trying to figure out how can i modify the default.conf cause im doing the changes using portainer and inside containers of NPM and guamacole, im trying to add the "include conf.d..." but cant figure out how can i do that, you guys solved the problem to use guacamole with nginx?

[github-actions[bot]]

Issue is now considered stale. If you want to keep it open, please comment :+1: