https not working with letsencrypt in vestacp apache + nginx(proxy)

Posted on September 23, 2017

Actually, I had set up my Ubuntu server with VestaCP (Apache with nginx proxy). I installed Let's Encrypt and it installed successfully. The problem is that SSL works only with the VestaCP admin panel on port 8083. Other than that, the document root (public_html) never works. I tried all possible fixes from googling and it never worked. I checked everything. Port 443 is open, but it is still not loading.

The error I get in Firefox is: "Secure Connection Failed, The connection to ****.com was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified."

None of my firewall configuration is blocking it. I have removed and reinstalled the Let's Encrypt certificates using certbot successfully, but the same thing happens again. There are two files created by VestaCP for the nginx config: one for normal HTTP, “nginx.conf”, and another for HTTPS, “snginx.conf”. My nginx.conf has the following code:

server {
    listen      192.168.1.2:443;
    ssl         on;
    server_name xxxxxxx.com www.xxxxxxx.com;
    ssl_certificate      /home/admin/conf/web/ssl.xxxxxxx.com.pem;
    ssl_certificate_key  /home/admin/conf/web/ssl.xxxxxxx.com.key;
    error_log  /var/log/apache2/domains/xxxxxxx.com.error.log error;
    
    ### Add SSL specific settings here ###

    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers          RC4:HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;
    keepalive_timeout    60;
    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  10m;

    location / {
        proxy_pass      https://192.168.1.2:8443;
        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv|mov|mpeg|mpg|wmv|exe|iso|dmg|swf)$ {
            root           /home/admin/web/xxxxxxx.com/public_html;
            access_log     /var/log/apache2/domains/xxxxxxx.com.log combined;
            access_log     /var/log/apache2/domains/xxxxxxx.com.bytes bytes;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location /error/ {
        alias   /home/admin/web/xxxxxxx.com/document_errors/;
    }

    location @fallback {
        proxy_pass      https://192.168.1.2:8443;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

    include /home/admin/conf/web/snginx.xxxxxxx.com.conf*;
}

The only modification I made here was the code under “### Add SSL specific settings here ###”. I checked the nginx config and restarted; it was OK, but it is still not working.

There are two files created by VestaCP for the Apache config: one for normal HTTP, “apache2.conf”, and another for HTTPS, “sapache2.conf”. My sapache2.conf file has the following code in it:

<VirtualHost 192.168.1.2:8443>

    ServerName xxxxxxx.com
    ServerAlias www.xxxxxxx.com
    ServerAdmin admin@xxxxxxx.com
    DocumentRoot /home/admin/web/xxxxxxx.com/public_html
    ScriptAlias /cgi-bin/ /home/admin/web/xxxxxxx.com/cgi-bin/
    Alias /vstats/ /home/admin/web/xxxxxxx.com/stats/
    Alias /error/ /home/admin/web/xxxxxxx.com/document_errors/
    SuexecUserGroup admin admin
    CustomLog /var/log/apache2/domains/xxxxxxx.com.bytes bytes
    CustomLog /var/log/apache2/domains/xxxxxxx.com.log combined
    ErrorLog /var/log/apache2/domains/xxxxxxx.com.error.log
    
    SSLEngine on
    SSLVerifyClient none
    SSLCertificateFile /home/admin/conf/web/ssl.xxxxxxx.com.crt
    SSLCertificateKeyFile /home/admin/conf/web/ssl.xxxxxxx.com.key
    SSLCertificateChainFile /home/admin/conf/web/ssl.xxxxxxx.com.ca
    
    <Directory /home/admin/web/xxxxxxx.com/public_html>
        AllowOverride All
        SSLRequireSSL
        Options +Includes -Indexes +ExecCGI
        php_admin_value open_basedir /home/admin/web/xxxxxxx.com/public_html:/home/admin/tmp
        php_admin_value upload_tmp_dir /home/admin/tmp
        php_admin_value session.save_path /home/admin/tmp
    </Directory>
    <Directory /home/admin/web/xxxxxxx.com/stats>
        AllowOverride All
    </Directory>
    
    
    <IfModule mod_ruid2.c>
        RMode config
        RUidGid admin admin
        RGroups www-data
    </IfModule>
    <IfModule itk.c>
        AssignUserID admin admin
    </IfModule>

    IncludeOptional /home/admin/conf/web/sapache2.xxxxxxx.com.conf*

</VirtualHost>

I tried reloading and restarting Apache and nginx. It runs OK, but HTTPS only works on port 8083, the VestaCP admin panel. I tried disabling firewalls and checked. The result is the same.

All I can see is that in Chrome it reloads several times, like establishing secure connection, connecting, and finally the error follows after a few seconds. In Firefox, the error is as said above. I checked by placing a dummy index.html in my home directory (moving the WordPress index.php), but the same error comes.

Please help me. I am cracking my head here…




Hello,

In case that anyone comes across this in the future, here are a few suggestions that might help:

1. Checking SSL Certificates

Ensure that the paths to the SSL certificates and keys are correct in both the nginx and apache configs:

  • SSLCertificateFile should point to your full chain certificate (e.g. /home/admin/conf/web/ssl.xxxxxxx.com.pem).
  • SSLCertificateKeyFile should point to your private key (e.g. /home/admin/conf/web/ssl.xxxxxxx.com.key).

The error message you’re seeing in Firefox (“the authenticity of the received data could not be verified”) could be due to a problem with the SSL certificate, so it’s worth double-checking this.

2. Check Nginx to Apache Proxy Settings

In your nginx configuration, you are proxying requests to https://192.168.1.2:8443. Ensure that Apache is correctly configured to accept these proxied requests over SSL. If it’s not set up correctly, nginx could be attempting to proxy requests to Apache over SSL, while Apache is not configured to accept these requests, leading to the error.

To diagnose this, you might want to temporarily change the proxy pass in nginx to use http (e.g., proxy_pass http://192.168.1.2:8443;), and see if you can access your website over HTTP. If this works, then the issue is likely related to how Apache is configured to handle SSL.

3. Check VestaCP settings

VestaCP should handle the generation of the Apache and Nginx configurations automatically when you install an SSL certificate using the VestaCP interface. You might want to try reinstalling the SSL certificate using the VestaCP interface, and see if this resolves the issue.

4. Check Logs

When you’re seeing the issue, check the logs at /var/log/apache2/domains/xxxxxxx.com.error.log and /var/log/nginx/error.log for any error messages. These might provide a clue as to what is going wrong.

Best,

Bobby
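
A static check of the TLS directives in the question's nginx block, as an added example that is not part of the original thread or of VestaCP. It flags protocols and ciphers that have been formally deprecated (SSLv3 by RFC 7568, TLS 1.0/1.1 by RFC 8996, RC4 by RFC 7465) and lists each `proxy_pass` target so the TLS hop to Apache is visible. The function names and the trimmed sample are constructed for illustration, and the parser only handles simple `name args;` directives.

```python
import re

# Constructed sample: TLS-related lines trimmed from the question's nginx block.
SAMPLE_CONF = """
server {
    listen      192.168.1.2:443;
    ssl         on;
    ### Add SSL specific settings here ###
    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers RC4:HIGH:!aNULL:!MD5;
    location / {
        proxy_pass      https://192.168.1.2:8443;
    }
}
"""

# Deprecated by RFC 6176 (SSLv2), RFC 7568 (SSLv3), RFC 8996 (TLS 1.0/1.1).
DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
WEAK_CIPHER_TOKENS = {"RC4", "DES", "3DES", "MD5", "EXPORT", "NULL", "aNULL", "eNULL"}

def directives(conf):
    """Yield (name, [args]) for each simple directive, ignoring # comments."""
    text = re.sub(r"#[^\n]*", "", conf)
    for stmt in re.split(r"[;{}]", text):
        parts = stmt.split()
        if parts:
            yield parts[0], parts[1:]

def audit(conf):
    """Return a list of (finding, values) tuples for one server block."""
    findings = []
    for name, args in directives(conf):
        if name == "ssl_protocols":
            bad = [p for p in args if p in DEPRECATED_PROTOCOLS]
            if bad:
                findings.append(("deprecated-protocol", bad))
        elif name == "ssl_ciphers" and args:
            # Tokens starting with "!" or "-" are exclusions, not enabled suites.
            tokens = re.split(r"[:,\s]+", " ".join(args))
            enabled = [t for t in tokens if t and t[0] not in "!-"]
            bad = sorted({c for t in enabled for c in t.split("+") if c in WEAK_CIPHER_TOKENS})
            if bad:
                findings.append(("weak-cipher", bad))
        elif name == "proxy_pass" and args:
            findings.append(("upstream", [args[0]]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF):
        print(finding)
```
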
