Hello,

I am setting up a HTTPS server for the first time and I am using Nginx. I had Certbot get a cert for me and it edited the config file. Now my site (midwest.social) times out. I just wanted to test it by opening the default Nginx web page. Here is my sites-available config file:

`server {

# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;

root /var/www/html;

# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
	server_name midwest.social; # managed by Certbot


location / {
	# First attempt to serve request as file, then
	# as directory, then fall back to displaying a 404.
	try_files $uri $uri/ =404;
}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
	deny all;
}


	listen [::]:443 ssl ipv6only=on; # managed by Certbot
	listen 443 ssl; # managed by Certbot
	ssl_certificate /etc/letsencrypt/live/midwest.social/fullchain.pem; # managed by Certbot
	ssl_certificate_key /etc/letsencrypt/live/midwest.social/privkey.pem; # managed by Certbot
	include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
	ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}`

  • porkloin@lemmy.ml
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    3 years ago

    Yep, as @blank_sl8@lemmy.ml mentioned it’s very likely that you need to open port 443 on your server. Nginx is configured to listen there but your OS level config might not be allowing the traffic. Check firewalld or iptables depending on your server distro.

    Edit: oops, you already solved this while I was typing 😛

    • seahorse@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      What’s really weird is that my brother checked this earlier and it said the port was open.

    • seahorse@lemmy.mlOP
      link
      fedilink
      arrow-up
      1
      ·
      3 years ago

      Wow. I spent way too long looking into this. Thank you! I was talking to my brother and he said it was open. I see now that it was filtered so I opened it.