I've been trying to set up SSL for my websites to no avail. I'm using NGINX on Ubuntu 18.04 as a reverse proxy for two NodeJS Express web servers. I used Certbot following these instructions . However, when trying to access my site via HTTPS, I get a "Site can't be reached"/"Took too long to respond" error.
Here's what my NGINX config in /etc/nginx/sites-available
looks like:
server {
listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
server_name MYURL.com www.MYURL.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/MYURL.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/MYURL.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
access_log /var/log/nginx/MYURL.access.log;
error_log /var/log/nginx/MYURL.error.log;
client_max_body_size 50M;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://localhost:3001;
}
}
When I replace the listen [::]:443 ssl
and listen 443 ssl
lines with listen 80;
and try to access the site with HTTP, it works fine.
Any idea what the problem might be?
EDIT: Also, I feel I should mention that my UFW status has 22/tcp (LIMIT), OpenSSH (ALLOW), and Nginx Full (ALLOW), as well as their v6 counterparts
It turns out the DigitalOcean firewall was not allowing HTTPS connections. I allowed HTTPS and switched proxy_pass https://localhost:3001;
to http://
and everything works now!
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.