“400 Bad Request The plain HTTP request was sent to HTTPS port” Nginx

Linode Staff

Why do I receive this error when attempting to access my secure website? SSL is turned on, and my server is listening over port 80 and 443 in my configuration block.

A snippet of my nginx config:

server { # docs.example.com
listen 80;
listen 443 ssl;

ssl          on;
ssl_certificate /root/example_certificate.pem;
ssl_certificate_key   /root/example_key.key;

server_name  docs.example.com;
access_log   /var/log/nginx/access.log;

2 Replies

Hello There!

The reason you are seeing this error is due to an easily fixed configuration issue. When the client tries to access your site via HTTP, over port 80, the request is redirected to HTTPS, over port 443. However, nginx is expecting the original request to arrive using SSL over port 443.

This article may be of great help when troubleshooting this issues.

As you can see, in the sample configuration in the above link, there are two separate blocks for port 80 and port 443. Altering your configuration in this way may fix your problem.

In addition, you will want to comment out the ssl on; line. Alternatively, you can turn ssl off.

This can be done like so:

#ssl on 
ssl off

As a refresher, here is our guide on how to Enable TLS on Nginx for HTTPS Connections.

I hope this helps, and happy web serving!

Basically what you want is two separate server {} blocks:

1 - Plain http (no SSL / TLS)

server {
    listen 80 default_server;
    listen [::]:80 default_server;

# NO "ssl on" HERE!!!

    rewrite ^ https://$server_name$uri last;

The "rewrite" is not essential - you can do anything you want - but this redirects http:// to https:// (common pattern these days).

2 - https (with SSL / TLS enabled)

server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

        ssl on;
        ssl_certificate /etc/....pem;
        ssl_certificate_key /etc/....pem;

# Other ssl_ directives here

# Your content directives such as

        root /var/www/html;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;

# .... more content serving stuff here ...


Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct