The plain HTTP request was sent to HTTPS port

Hi,

I think one of the latest updates of gitlab-ee at Debian 9 has broken my gitlab: when I try to access gitlab I get:
400 Bad Request
The plain HTTP request was sent to HTTPS port

I´ve searched a lot and there is no ssl = on setting in nginx set so far. Gitlab worked for a longer time without having any issues and I´ven´t changed my vhost config at nginx since I installed gitlab a year ago.
Is there any new ssl / nginx option new at gitlab, which could cause this problem?

I´m using a nginx reverse proxy and routed the internal gitlab nginx to port 8080. My external_url contains https://…
Has anyone a good hint?

vhost:
upstream gitlab {
server localhost:8080 fail_timeout=0;
}

server {
        listen                    80;
        server_name               git.xy.de;
        return 301 https://$server_name$request_uri;
}

server {
        listen                    443   ssl http2;
        server_name               git.xy.de;
        root /opt/gitlab/embedded/service/gitlab-rails/public;
        client_max_body_size      50m;

        ssl_certificate /etc/letsencrypt/live/git.xy.de/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/git.xy.de/privkey.pem;
        add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";

        access_log                /var/log/nginx/access.log;
        error_log                 /var/log/nginx/error.log;

  location ~ ^/[\w\.-]+/[\w\.-]+/(info/refs|git-upload-pack|git-receive-pack)$ {
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  location ~ ^/[\w\.-]+/[\w\.-]+/repository/archive {
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  location ~ ^/api/v3/projects/.*/repository/archive {
    error_page 418 = @gitlab-workhorse;
    return 418;
  }

  location ~ ^/[\w\.-]+/[\w\.-]+/builds/download {
      client_max_body_size 0;
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  location ~ /ci/api/v1/builds/[0-9]+/artifacts {
      client_max_body_size 0;
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  location ~ /api/v4/jobs/[0-9]+/artifacts {
      client_max_body_size 0;
      error_page 418 = @gitlab-workhorse;
      return 418;
  }

  if ($http_host = "") {
    set $http_host_with_default "git.cornify.de";
  }

  if ($http_host != "") {
    set $http_host_with_default $http_host;
  }

        location / {
                gzip                    off;

                proxy_read_timeout      300;
                proxy_connect_timeout   300;
                proxy_redirect          off;

                proxy_set_header        Host                $http_host;
                proxy_set_header        X-Real-IP           $remote_addr;
                proxy_set_header        X-Forwarded-For     $proxy_add_x_forwarded_for;
                proxy_set_header        X-Forwarded-Proto   https;
                proxy_set_header        X-Frame-Options     SAMEORIGIN;

                proxy_pass http://gitlab;
  }
        location ~ ^/(assets)/ {
                root /opt/gitlab/embedded/service/gitlab-rails/public;
                expires max;
                add_header Cache-Control public;
  }
}

gitlab.rb:
external_url ‘https://git.xy.de
nginx[‘listen_port’] = 8080

I realise this is old, but a search engine has indexed this with no answer.

gitlab.rb

##! **Override only if you use a reverse proxy**
##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#setting-the-nginx-listen-port
nginx['listen_port'] = 80

##! **Override only if your reverse proxy internally communicates over HTTP**
##! Docs: https://docs.gitlab.com/omnibus/settings/nginx.html#supporting-proxied-ssl
nginx['listen_https'] = false

hope this helps someone.

Scobber

it helped me.

1 Like

@MichaelSchmidt82 So great to hear! I’ll mark @Scobber’s comment above as the solution to make it clear as others come across this thread. Thanks!