Certbot/LetsEncrypt HTTPS for NGINX reverse proxy not working

Question

I've been trying to set up SSL for my websites to no avail. I'm using NGINX on Ubuntu 18.04 as a reverse proxy for two NodeJS Express web servers. I used Certbot following these instructions . However, when trying to access my site via HTTPS, I get a "Site can't be reached"/"Took too long to respond" error.

Here's what my NGINX config in /etc/nginx/sites-available looks like:

server {

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl;  # managed by Certbot
    server_name MYURL.com www.MYURL.com;

    ssl on;

    ssl_certificate /etc/letsencrypt/live/MYURL.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/MYURL.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    access_log /var/log/nginx/MYURL.access.log;
    error_log /var/log/nginx/MYURL.error.log;

    client_max_body_size 50M;

    location / {
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;

            proxy_pass https://localhost:3001;
    }
}

When I replace the listen [::]:443 ssl and listen 443 ssl lines with listen 80; and try to access the site with HTTP, it works fine.

Any idea what the problem might be?

---

EDIT: Also, I feel I should mention that my UFW status has 22/tcp (LIMIT), OpenSSH (ALLOW), and Nginx Full (ALLOW), as well as their v6 counterparts

Answer 1

It turns out the DigitalOcean firewall was not allowing HTTPS connections. I allowed HTTPS and switched proxy_pass https://localhost:3001; to http:// and everything works now!