Question

HTTPS still not working after installing Certbot

Posted January 18, 2021 597 views
Nginx

I just finished following this tutorial: https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

But I still can’t get my server to work with https.. are there more steps after this? Do I have to use my certificate/private key somewhere else to finish setting this up?

One side note tho.. the certification was set to the domain name “highcalibersolution.com www.highcalibersolution.com” brought through namecheap and that is still not connected with my dropet (they said it takes about 48hours).. Will that might be the reason the HTTPS is not working? Because the domain isn’t fully connected with the droplet yet…

Thank you, let me know if I should share any error logs here that might be helpful

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer

Hi, @MassiveAquamarineCrab,

Until your DNS does not fully point to your Droplet with DigitalOcean, you might experience difficulties installing your SSL with Certbot.

If the installation of your SSL using Certbot was actually done it should’ve updated your Nginx configuration file so the problem might be there. I tried to open your website highcalibersolution.com however I was presented with a 500 Internal Server error. This again would suggest an issue with the configuration file.

As everything is pointing to the config file, can you please post a copy of it as a reply to this thread so that I can see what exactly is causing these issues?

Regards,
KFSys

  • Thanks a lot for your help.. here is my ngnix.conf

    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    include /etc/nginx/modules-enabled/*.conf;
    
    events {
            worker_connections 768;
            # multi_accept on;
    }
    
    http {
    
            ##
            # Basic Settings
            ##
    
            sendfile on;
            tcp_nopush on;
            tcp_nodelay on;
            keepalive_timeout 65;
            types_hash_max_size 2048;
            # server_tokens off;
    
            server_names_hash_bucket_size 64;
            # server_name_in_redirect off;
    
            include /etc/nginx/mime.types;
            default_type application/octet-stream;
    
            ##
            # SSL Settings
            ##
    
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
            ssl_prefer_server_ciphers on;
    
            ##
            # Logging Settings
            ##
    
            access_log /var/log/nginx/access.log;
            error_log /var/log/nginx/error.log;
    
            ##
            # Gzip Settings
            ##
    
            gzip on;
    
            # gzip_vary on;
            # gzip_proxied any;
            # gzip_comp_level 6;
            # gzip_buffers 16 8k;
            # gzip_http_version 1.1;
            # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
    
            ##
            # Virtual Host Configs
            ##
    
            include /etc/nginx/conf.d/*.conf;
            include /etc/nginx/sites-enabled/default;
            include /etc/nginx/sites-enabled/highcalibersolution.com;
    }
    
    
    #mail {
    #       # See sample authentication script at:
    #       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
    #
    #       # auth_http localhost/auth.php;
    #       # pop3_capabilities "TOP" "USER";
    #       # imap_capabilities "IMAP4rev1" "UIDPLUS";
    #
    #       server {
    #               listen     localhost:110;
    #               protocol   pop3;
    #               proxy      on;
    #       }
    #
    #       server {
    #               listen     localhost:143;
    #               protocol   imap;
    #               proxy      on;
    #       }
    #}
    

    this is the ngnix file for my site at /etc/ngnix/sites-available/highcalibersolution

    server {
    
            root /var/www/highcalibersolution/html;
            index index.html index.htm index.nginx-debian.html;
    
            server_name highcalibersolution.com www.highcalibersolution.com;
    
            location / {
                    try_files $uri /index.html;
            }
    
        listen [::]:443 ssl ipv6only=on; # managed by Certbot
        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/highcalibersolution.com/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/highcalibersolution.com/privkey.pem; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
    
    
    }
    server {
        if ($host = www.highcalibersolution.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot
    
    
        if ($host = highcalibersolution.com) {
            return 301 https://$host$request_uri;
        } # managed by Certbot
    
    
            listen 80;
            listen [::]:80;
    
            server_name highcalibersolution.com www.highcalibersolution.com;
        return 404; # managed by Certbot
    
    
    
    
    }