Question

Can't access site via https after installing ssl certificate (Nginx, Ubuntu 14.04)

I am getting the “took too long to respond” timing out error in browser. There is an issue accessing the site on port 443 but there are no firewalls.

This is not the default server block. I have another site on SSL however that is an “external” cloudflare ssl.

No errors in nginx logs.

Here is the server block:

server {
       listen 80;
       listen [::]:80;
       listen 443 ssl;

       server_name mydomain.com www.mydomain.com;

      # return         301 https://$server_name$request_uri;

        error_log    /var/log/nginx/mydomain.com.error.log debug;

        root /var/www/mydomain.com/html;
        index index.php;

        set $cache_uri $request_uri;

	# POST requests and urls with a query string should always go to PHP
	if ($request_method = POST) {
		set $cache_uri 'null cache';
	}   
	if ($query_string != "") {
		set $cache_uri 'null cache';
	} 

        ssl_certificate /etc/nginx/ssl/mydomain/ssl-bundle.crt;
        ssl_certificate_key /etc/nginx/ssl/mydomain/mydomain.key;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

        # Use cached or actual file if they exists, otherwise pass request to WordPress
	location / {
		try_files /wp-content/cache/page_enhanced/${host}${cache_uri}_index.html $uri $uri/ /index.php?$args ;
        }

        location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
        expires max; log_not_found off; access_log off;
        add_header Pragma public;
        add_header Cache-Control "public";
        }

        error_page 404 /404.html;

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass unix:/var/run/php5-fpm.sock;
                fastcgi_index index.php;
                include fastcgi_params;
                fastcgi_buffer_size 128k;
                fastcgi_buffers 4 256k;
                fastcgi_busy_buffers_size 256k;
        }
}


Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

lets do a flow based analysis

run below command

  1. lsof -i :443

if it says COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME nginx 7428 root 23u IPv4 76877969 0t0 TCP *:https (LISTEN) nginx 26768 www-data 23u IPv4 76877969 0t0 TCP *:https (LISTEN)

than you should look at number 3

  1. if it doesnt show anything look for your config file where you define the hosting to be residing inside sites-enabled directory not the sites-available

  2. telnet localhost 443 if it worked and you get the response. than curl -vvvvvv https://localhost/

  3. if it still didnot worked than you can contact superdevop.com to have a look for free. if its small glitch we do it for free.

I would recheck to see for sure if you do not have any firewalls running. If you do, check to see if 443 is opened. If I remember correctly, my VPS came with a firewall that I had to opened specific ports to, so please recheck this.

Your server block seems to be ok. It could be an issue with the keys, which I’d suggest regenerating. It could also be that the keys themselves are in a folder with permissions issues.

I use my keys from LetsEncrypt, which look like the below.

  ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem;

Sorry, this one has me a little stumped too.