Score:1

Why am I unable to access my website after installing an SSL certificate using Certbot? (running Ubuntu and Nginx)


I cannot establish a connection to port 443 on my nginx server.

I needed port 443 to enable HTTPS connections. I used Certbot to install an SSL certificate, and I went with the default installation and the default instructions in this guide.

Even though I've set the 'nginx full' command to open both http and https ports, I double-checked to make sure that port 443 is really open by running the following command: sudo lsof -i -P -n | grep LISTEN. In the response, I got port 443 as being used by nginx.

I tried tools like cURL to test my ports. Port 80 works just fine, but I get no response from port 443.

I lack experience with server administration, and I tried to check other resources, but I don't know what else to do.

My sites-available configuration:

server {

        root /var/www/muhammed-aldulaimi.com/html;
        index index.html index.htm index.nginx-debian.html;

        server_name muhammed-aldulaimi.com www.muhammed-aldulaimi.com;

        location / {
                try_files $uri $uri/ =404;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/muhammed-aldulaimi.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/muhammed-aldulaimi.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = www.muhammed-aldulaimi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = muhammed-aldulaimi.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
        listen [::]:80;

        server_name muhammed-aldulaimi.com www.muhammed-aldulaimi.com;
    return 404; # managed by Certbot

}

ufw status:

22/tcp                     ALLOW       Anywhere
Nginx Full                 ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
Nginx Full (v6)            ALLOW       Anywhere (v6)
Michael Hampton
Check your Amazon security group.
John Hanley
From an external system, test the response on port 443. Replace example.com with your domain name. Try **curl -v https://example.com**. Try **curl -v https://IP-ADDRESS**. If you get connection refused, you have a firewall blocking access or Nginx is not configured correctly for port 443. If the connection succeeds, review the error after the connect. There are many errors that can be reported after connect.
momomo
@MichaelHampton I have one rule in my security group, and that is allow on all ports. I don't think that is the source of this problem...
momomo
@JohnHanley I experimented with different combinations of open ports and server blocks. I opened port 81, had a server block serve a basic HTML file on port 81, and tested with curl; I got a connection timeout. The same exact process happens with 443 (I decided to test 81 because I thought maybe it had something to do with SSL). At this point only port 80 works.
John Hanley
Either a firewall is blocking the connection or Nginx is failing. Check the logs for error messages on the startup of Nginx.
Score:1

After verifying that there was no issue in Ubuntu's firewall settings, I assumed that the issue lay in the web host itself. I was using AWS Lightsail, and it turned out that Lightsail only accepted connections coming from port 22 and 80. Adding a rule that accepted other ports in the Networking tab solved my issue.

djdomi
Remember that you need to accept your own answer.
momomo
@djdomi Yes, I'm afraid I need to wait 24 hours for it.
buncis
Then why can I still not reach my server even though I have reverted my nginx config to 80 only? Edit: oh, it's because Chrome saved my last attempted access as using https instead of http.
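Added example (not part of the original thread): a Python sketch of the triage this thread walks through, separating "connection refused" from "connection timeout" on an external probe and combining that with what `lsof` and `ufw status` show on the server. The function names and verdict strings are assumptions made for this illustration.

```python
import socket
import sys

def probe(host, port, timeout=3.0):
    """Try one TCP connect from the outside and classify the outcome."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"          # handshake completed
    except (socket.timeout, TimeoutError):
        return "filtered"          # no reply at all: something drops the SYN
    except ConnectionRefusedError:
        return "refused"           # RST came back: host reached, port closed or rejected
    except OSError:
        return "unreachable"       # DNS failure, no route, and similar

def next_check(external, listening_locally, host_fw_allows):
    """Combine the external result with two facts gathered on the server:
    whether lsof shows a listener, and whether ufw status shows an ALLOW rule."""
    if external == "open":
        return "tls-or-nginx-config"      # TCP works; continue with curl -v
    if not listening_locally:
        return "nginx-listen-directive"   # nothing bound to the port
    if not host_fw_allows:
        return "host-firewall"            # ufw has no rule for the port
    if external == "filtered":
        return "upstream-firewall"        # provider-side networking rules
    return "bind-address-or-middlebox"    # listener exists but is not reachable

if __name__ == "__main__":
    # Run from a machine outside the server's network: python3 probe.py HOST PORT
    host, port = sys.argv[1], int(sys.argv[2])
    result = probe(host, port)
    # The two True values stand for what the question reports: lsof shows
    # nginx on 443 and ufw allows "Nginx Full".
    print(result, "->", next_check(result, True, True))
```

A timeout with a confirmed local listener and an allowing host firewall points at a filter in front of the instance, which is what the Lightsail Networking tab turned out to be here.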