Nginx non-www redirect to www with SSL not working

nginx ubuntu

Just as a summary, the correct way to configure these redirects is:

server {
    listen 80;
    server_name example.com www.example.com;
    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    ssl_ciphers 'ECDHE-RSA-AES128...;

    return 301 https://www.example.com$request_uri;
}

server {
    listen 443 ssl;
    server_name www.example.com;
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;
    ... rules for the actual website ...
}

So, we have a server block for http for domains example.com and www.example.com doing the redirects.

Then we have a server block for https for domain example.com doing the redirect.

Then we have the server block for https for domain www.example.com, which contains the setup for the actual website.

Related

Nginx tries to run on port 80 but the configs have been removed
systemd-timesyncd requires incoming ephemeral ports opened
Postfix configuration: different outgoing hosts based on sender
Relase outgoing mails to internet if local delivery failes
Oracle Enterprise Linux installation can't see local disks on HP ProLiant DL360e Gen8
libc6 dependency mismatch in Debian 9.12 stretch
MailboxExportRequest ContentFilter is "Received -ne $null" when querying by date
What effect do the user and role labels have on a file in SELinux?
Solaris: detect hotswap SATA disk insert
SSH Fails, /bin/bash: No such file or directory
Route mail in postfix to different relays based on subject
Read access control with Mercurial and Apache