Laravel 4.2 и HTTPS, что я делаю не так?

Question

Дмитрий Шведченко @kbu

Laravel 4.2 и HTTPS, что я делаю не так?

Приветствую уважаемое комюнити,
прошу подсказать что я делаю не так:

Есть приложение на Laravel, роуты работают, все хорошо. Возникла необходимость включить https для сайта.
Использую nginx, конфиг для хоста такой:

server {
listen 443 ssl spdy;
server_name server.com;
keepalive_timeout 70;
error_log /var/log/nginx/server-errors.log;
access_log /var/log/nginx/server-access.log;
root /srv/www/server.com/;
index index.php;
ssl on;
ssl_certificate /etc/nginx/ssl/server.com/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.com/server.key;
ssl_dhparam /etc/nginx/ssl/dhparam.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers kEECDH+AESGCM+AES128:kEECDH+AES128:kRSA+AESGCM+AES128:kRSA+AES128:!RC4:!aNULL:!eNULL:!MD5:!EXPORT:!LOW:!SEED:!CAMELLIA:!IDEA:!PSK:!SRP:!SSLv2;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
add_header Content-Security-Policy-Report-Only "default-src https:; script-src https: 'unsafe-eval' 'unsafe-inline'; style-src https: 'unsafe-inline'; img-src https: data:; font-src https: data:; report-uri /csp-report";
resolver 127.0.0.1;
resolver_timeout 10s;

add_header Strict-Transport-Security "max-age=31536000";
location / {
# Front Controller Pattern
# Roundcube doesn't require the query string /index.php?q=$uri&$args, and can read from REQUEST_URI /index.php
try_files $uri $uri/ /index.php;
#auth_basic "Restricted"; #For Basic Auth
#auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth
}
# Deny access to the following files
location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
deny all;
}
# Deny access to the following directories
location ~ ^/(config|temp|logs)/ {
deny all;
}
# Deny access to hidden/important files e.g: .htaccess .htpasswd
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
location = /favicon.ico {
access_log off;
log_not_found off;
}
location ~* \.(?:v|s|css|js|jp?g|gif|png|ico|mp3|wav|swf)$ {
expires 1y;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
fastcgi_hide_header Set-Cookie;
access_log off;
}
# Pass the PHP scripts to FastCGI server (locally with unix: param to avoid network overhead)
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/tmp/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}

в routes.php пробовал прописывать:

Route::get('foo', array('https', function()
{
return 'Must be over HTTPS';
}));
или
Route::group(['before' => 'forceHttps'], function(){
Route::resource('websrv', 'RegistrationAppController');
});

в filters.php пробовал играться с

App::before(function($request)
{
if( ! Request::secure() )
{
return Redirect::secure( Request::path() );
}
});

Route::filter('secure', function () {
if (! Request::secure()) {
return Redirect::secure(
Request::path(),
in_array(Request::getMethod(), ['POST', 'PUT', 'DELETE']) ? 307 : 302
);
}
});
Route::when('*', 'secure');

Route::filter('forceHttps', function($req){
if (! Request::secure()) {
return Redirect::secure(Request::getRequestUri());
}
});