Search code examples
sslnginxwebserverweb-development-serverhttp-status-code-400

After renewing letsencrypt SSL certifications, server only returns response code 400

I recently tried to renew my letsencrypt ssl certificate, but once I did that, I’ve been coming down with 400 server responses whenever I try to connect to my website. I’ve tried absolutely everything I can think of. I have attached a copy of my Nginx error log file with the level set to debug, and my server configuration file. Any help is super appreciated.

I'm using Django, Nginx, and Gunicorn on my server.

I ran the command certbot renew to renew the cert.

Once that was done, I got nothing but 400 responses.

In addition, when I try to connect to the site, I get a Django error output:


Report at /
Invalid HTTP_HOST header: 'testing.com,testing.com'. The domain name provided is not valid according to RFC 1034/1035.

It might have something to do with the repeated url, but I'm not sure if that's it either.

Below is my nginx configuration file in sites-available.



server { # redirection logic
        listen 80; # port to listen on
        return 301 https://$host$request_uri*;
}

server {
    listen 443 ssl; # listen for HTTPS
    server_name testing.com www.testing.com; # server name to use
    ssl_certificate /etc/letsencrypt/live/testing.com/fullchain.pem; # ssl certs
    ssl_certificate_key /etc/letsencrypt/live/dt-testing.com/privkey.pem;   
    location = /favicon.ico { access_log off; log_not_found off; } # site icon to use
    location /static/ { # location of static files
        root /websites/DT/path/;
    }

    location / {
        proxy_set_header Host $host;
        include proxy_params;
        proxy_pass http://unix:/websites/DT/run/gunicorn.sock; # connector to gunicorn
    #error_page 405 =200 $uri;
    }

    rewrite_log on;
    error_log /var/log/nginx/error_log debug;
}

Here is my nginx debug log output.


"GET / HTTP/1.0
Host: testing.com
Host: testing.com
X-Real-IP: 185.252.151.5
X-Forwarded-For: 185.252.151.5
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Linux; Android 7.1.1; Nexus 6P Build/NOF27C) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.81 Mobile Safari/537.36
Accept-Language: en-us,en-gb,en;q=0.7,*;q=0.3
Accept-Charset: utf-8,ISO-8859-1;q=0.7,*;q=0.7
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: x-gzip, gzip, deflate

"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http cleanup add: 000055DF21463240
2019/04/06 00:02:56 [debug] 11579#11579: *12 get rr peer, try: 1
2019/04/06 00:02:56 [debug] 11579#11579: *12 stream socket 15
2019/04/06 00:02:56 [debug] 11579#11579: *12 epoll add connection: fd:15 ev:80002005
2019/04/06 00:02:56 [debug] 11579#11579: *12 connect to unix:/websites/DT/run/gunicorn.sock, fd:15 #13
2019/04/06 00:02:56 [debug] 11579#11579: *12 connected
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream connect: 0
2019/04/06 00:02:56 [debug] 11579#11579: *12 posix_memalign: 000055DF2142F410:128 @16
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream send request body
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer buf fl:1 s:524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer in: 000055DF214F97D0
2019/04/06 00:02:56 [debug] 11579#11579: *12 writev: 524 of 524
2019/04/06 00:02:56 [debug] 11579#11579: *12 chain writer out: 0000000000000000
2019/04/06 00:02:56 [debug] 11579#11579: *12 event timer add: 15: 60000:4664042409
2019/04/06 00:02:56 [debug] 11579#11579: *12 http finalize request: -4, "/?" a:1, c:2
2019/04/06 00:02:56 [debug] 11579#11579: *12 http request count:2 blk:0
2019/04/06 00:02:56 [debug] 11579#11579: *12 http run request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream check client, write event:1, "/"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:56 [debug] 11579#11579: *12 http upstream dummy handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream request: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream process header
2019/04/06 00:02:57 [debug] 11579#11579: *12 malloc: 000055DF21502980:4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: eof:1, avail:1
2019/04/06 00:02:57 [debug] 11579#11579: *12 recv: fd:15 160 of 4096
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy status 400 "400 Bad Request"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Server: gunicorn/19.9.0"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Date: Sat, 06 Apr 2019 00:02:57 GMT"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Connection: close"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header: "Content-Type: text/html"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy header done
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter header
2019/04/06 00:02:57 [debug] 11579#11579: *12 HTTP/1.1 400 Bad Request
Server: nginx/1.15.5 (Ubuntu)
Date: Sat, 06 Apr 2019 00:02:57 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:0 f:0 s:173
2019/04/06 00:02:57 [debug] 11579#11579: *12 http cacheable: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 posix_memalign: 000055DF21503990:4096 @16
2019/04/06 00:02:57 [debug] 11579#11579: *12 http proxy filter init s:400 h:0 c:0 l:-1
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream process upstream
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe read upstream: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe preread: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 readv: eof:1, avail:0
2019/04/06 00:02:57 [debug] 11579#11579: *12 readv: 1, last:3936
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe recv chain: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe buf free s:0 t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe length: -1
2019/04/06 00:02:57 [debug] 11579#11579: *12 input buf #0
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream flush in
2019/04/06 00:02:57 [debug] 11579#11579: *12 http output filter "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 image filter
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter body
2019/04/06 00:02:57 [debug] 11579#11579: *12 http postpone filter "/?" 000055DF214F9B88
2019/04/06 00:02:57 [debug] 11579#11579: *12 http chunk: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF21503B30, pos 000055DF21503B30, size: 4 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:0 f:0 0000000000000000, pos 000055DF20B058DA, size: 2 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:0 f:0 s:205
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: 0 "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 pipe write downstream done
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer del: 15: 4664042409
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer add: 15: 60000:4664043593
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream exit: 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 finalize http upstream request: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 finalize http proxy request
2019/04/06 00:02:57 [debug] 11579#11579: *12 free rr peer 1 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 close http upstream connection: 15
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF2142F410, unused: 48
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer del: 15: 4664043593
2019/04/06 00:02:57 [debug] 11579#11579: *12 reusable connection: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http upstream temp fd: -1
2019/04/06 00:02:57 [debug] 11579#11579: *12 http output filter "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 image filter
2019/04/06 00:02:57 [debug] 11579#11579: *12 xslt filter body
2019/04/06 00:02:57 [debug] 11579#11579: *12 http postpone filter "/?" 00007FFD2D728F60
2019/04/06 00:02:57 [debug] 11579#11579: *12 http chunk: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF214F9AC8, pos 000055DF214F9AC8, size: 173 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF21503B30, pos 000055DF21503B30, size: 4 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:1 f:0 000055DF21502980, pos 000055DF21502A06, size: 26 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write old buf t:0 f:0 0000000000000000, pos 000055DF20B058DA, size: 2 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 write new buf t:0 f:0 0000000000000000, pos 000055DF20B058D7, size: 5 file: 0, size: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter: l:1 f:0 s:210
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter limit 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 posix_memalign: 000055DF21506530:512 @16
2019/04/06 00:02:57 [debug] 11579#11579: *12 malloc: 000055DF214ED330:16384
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 173
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 4
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 26
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 2
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL buf copy: 5
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL to write: 210
2019/04/06 00:02:57 [debug] 11579#11579: *12 SSL_write: 210
2019/04/06 00:02:57 [debug] 11579#11579: *12 http write filter 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 http copy filter: 0 "/?"
2019/04/06 00:02:57 [debug] 11579#11579: *12 http finalize request: 0, "/?" a:1, c:1
2019/04/06 00:02:57 [debug] 11579#11579: *12 set http keepalive handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 http close request
2019/04/06 00:02:57 [debug] 11579#11579: *12 http log handler
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21502980
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21462260, unused: 8
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214F8C60, unused: 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF21503990, unused: 3070
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214181D0
2019/04/06 00:02:57 [debug] 11579#11579: *12 hc free: 0000000000000000
2019/04/06 00:02:57 [debug] 11579#11579: *12 hc busy: 0000000000000000 0
2019/04/06 00:02:57 [debug] 11579#11579: *12 free: 000055DF214ED330
2019/04/06 00:02:57 [debug] 11579#11579: *12 reusable connection: 1
2019/04/06 00:02:57 [debug] 11579#11579: *12 event timer add: 8: 65000:4664048593
2019/04/06 00:02:58 [debug] 11579#11579: *12 http keepalive handler
2019/04/06 00:02:58 [debug] 11579#11579: *12 malloc: 000055DF214181D0:1024
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_read: 0
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_get_error: 6
2019/04/06 00:02:58 [debug] 11579#11579: *12 peer shutdown SSL cleanly
2019/04/06 00:02:58 [info] 11579#11579: *12 client 185.252.151.5 closed keepalive connection
2019/04/06 00:02:58 [debug] 11579#11579: *12 close http connection: 8
2019/04/06 00:02:58 [debug] 11579#11579: *12 SSL_shutdown: 1
2019/04/06 00:02:58 [debug] 11579#11579: *12 event timer del: 8: 4664048593
2019/04/06 00:02:58 [debug] 11579#11579: *12 reusable connection: 0
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF214181D0
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 0000000000000000
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF21431E10, unused: 16
2019/04/06 00:02:58 [debug] 11579#11579: *12 free: 000055DF21506530, unused: 400
Solution

  • I figured out what the problem was. I suspect that cerbot renew updated the nginx software somehow, which made it render the configuration file above differently. The line proxy set header was the one doubling the incoming header, but because I had a bug in my Python code on the Django side, it wasn't working.