0

Sorry if this question was asked before but I tried the suggestions in there and still cannot resolved it.

I’m running Django project behind Nginx on my VPS. Main project is at https://myproject.com (port 443) and works like a charm.

I want to expose a second Django project at https://myproject.com:8001 but I couldn't load it on that address, I got the error mentioned in the title: no ssl_certificate is defined for the listen … ssl directive” on custom port 8001

For this, I updated /etc/nginx/sites-available/myproject to this (first part works fine for the main project at https://myproject.com, the second part is where I encounter some issues (marked with # NEW CONFIG FOR SECOND PROJECT (on :8001)):

# Redirect all HTTP requests to HTTPS
server {
    listen 80;
    server_name myproject.com www.myproject.com;

    return 301 https://$host$request_uri;
}

# Serve the app over HTTPS
server {
    listen 443 ssl;
    server_name myproject.com www.myproject.com;

    ssl_certificate /etc/letsencrypt/live/myproject.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/myproject.com/privkey.pem;

    location = /favicon.ico { access_log off; log_not_found off; }
    location /static/ {
        alias /home/myname/myproject/staticfiles/;
    }

    location /media/ {
        alias /home/myname/myproject/media/;
        access_log off;
        expires 1h;
    }

    location / {
        include proxy_params;
        proxy_pass http://127.0.0.1:8000;
    }
}

##########################################
# NEW CONFIG FOR SECOND PROJECT (on :8001)
# HTTP on :8001 → HTTPS on :8001
server {
    listen 8001;
    server_name myproject.com www.myproject.com;

    return 301 https://$host:8001$request_uri;
}

# HTTPS on :8001 for second project
server {
    listen 8001 ssl;
    server_name myproject.com www.myproject.com;

    ssl_certificate /etc/letsencrypt/live/myproject.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/myproject.com/privkey.pem;

    # Optional per-app static/media (comment out if not used)
    location /static/ { alias /home/myname/project2/staticfiles/; }
    location /media/  { alias /home/myname/project2/media/; access_log off; expires 1h; }

    location / {
        include proxy_params;
        proxy_pass http://127.0.0.1:9001;
    }
}
Improve this question
5
  • try deleting the non ssl server block for 8001. Commented Sep 1 at 23:02
  • That works, but then how can redirect visitors of http://myproject.com:8001 to https://myproject.com:8001 ? Commented Sep 2 at 10:39
  • I wanted to see what block was causing the breaking changes. ill think about this a bit but I may also pull www vs non ww into their own directives to rule out its not an issue with that. (shouldn't be) but best to isolate things for debugging Commented Sep 2 at 15:07
  • also just to confirm, your proxy pass is :9001, is that also supposed to be 8001 from your app? Commented Sep 2 at 15:10
  • I have not had a chance to test it with multiple projects locally, but maybe this will help? gist.github.com/audetcameron/d0ce164d11bc795fd07435a44b62325a Commented Sep 2 at 15:58

1 Answer 1

Reset to default
1

You can’t use the same port for HTTP and HTTPS in Nginx. That’s why you get the no ssl_certificate is defined error.

Basically, each port can only be either HTTP or HTTPS. So for your second project:

  • Use one port (say 8001) for HTTPS with your SSL certificate.

  • If you want HTTP too, use a different port (like 8000) and redirect it to HTTPS.

Example for HTTPS only:

server {
    listen 8001 ssl;
    server_name myproject.com www.myproject.com;

    ssl_certificate /etc/letsencrypt/live/myproject.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/myproject.com/privkey.pem;

    location / {
        include proxy_params;
        proxy_pass http://127.0.0.1:9001;
    }
}

After that, test and reload Nginx:

sudo nginx -t
sudo systemctl reload nginx
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.