Unable to connect to server after following this setup tutorial for nginx with ssl over http2 on my Ubuntu droplet.
DNS records at Namecheap.com are set to Custom DNS pointing to: ns1.digitalocean.com ns2.digitalocean.com ns3.digitalocean.com
I have the following records at the Domain Name Control Panel @ Digital Ocean Droplet: type / hostname / value /ttl A - *.plasticsrev.club - 104.131.129.214 - 3600 A - plasticsrev.club - 104.131.129.214 - 3600 NS - plasticsrev.club - ns1.digitalocean.com - 1800 NS - plasticsrev.club - ns2.digitalocean.com - 1800 NS - plasticsrev.club - ns3.digitalocean.com - 1800
Ping test for plasticsrev.club:
PING plasticsrev.club (104.131.129.214): 56 data bytes
64 bytes from 104.131.129.214: icmp_seq=0 ttl=57 time=51.727 ms
64 bytes from 104.131.129.214: icmp_seq=1 ttl=57 time=52.775 ms
64 bytes from 104.131.129.214: icmp_seq=2 ttl=57 time=54.574 ms
64 bytes from 104.131.129.214: icmp_seq=3 ttl=57 time=53.471 ms
64 bytes from 104.131.129.214: icmp_seq=4 ttl=57 time=56.712 ms
64 bytes from 104.131.129.214: icmp_seq=5 ttl=57 time=53.874 ms
--- plasticsrev.club ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 51.727/53.856/56.712/1.556 mscode
Ping test for www.plasticsrev.club:
PING www.plasticsrev.club (104.131.129.214): 56 data bytes
64 bytes from 104.131.129.214: icmp_seq=0 ttl=57 time=52.069 ms
64 bytes from 104.131.129.214: icmp_seq=1 ttl=57 time=52.484 ms
64 bytes from 104.131.129.214: icmp_seq=2 ttl=57 time=53.466 ms
64 bytes from 104.131.129.214: icmp_seq=3 ttl=57 time=54.178 ms
64 bytes from 104.131.129.214: icmp_seq=4 ttl=57 time=53.623 ms
64 bytes from 104.131.129.214: icmp_seq=5 ttl=57 time=50.825 ms
--- www.plasticsrev.club ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 50.825/52.774/54.178/1.122 ms
Nginx config file /etc/nginx/sites-available/default :
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name plasticsrev.club www.plasticsrev.club;
location ~ /.well-known {
allow all;
}
When I run $ sudo ufw status
I get: Status: inactive.
Thanks for your help!
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
@julsgud
First, I’d recommend cleaning up the file and getting rid of all the commented directives that you don’t need. That’d leave us with:
Now, the first issue depends on if you have other configurations (server blocks) in the same directory as this one. If you do and you’ve modified them, we’d need to look at them too.
The second issue is that you’ve not actually setup SSL for this domain. You’re not defining the path to the SSL Certificate, you’re missing the SSL configuration, and there’s no redirect to push requests on port 80 to 443 so that all traffic gets served over SSL.
There’s also the default location block missing to tell how to handle incoming requests.
To properly serve content over SSL, you’d want to use something such as what I’m showing below, which has been customized for your domain, so it’s basically a copy and paste. You’d paste all of this in to a single file.
You’d need to modify these two lines:
… and replace the paths to match the location of your certificate and private key. The location block I have setup is just a starter. What you’d actually use depends on the type of site you’re hosting. We can modify that as needed.
Hey! Thanks for your response!
I get the following when doing
sudo tail -20 /var/log/nginx/error.log
Here is my full /etc/nginx/sites-enabled/default file:
Can’t see where that extra ‘}’ appears!
@julsgud
We’d need to see the full server block to take a look at the configuration. It looks like the one you’ve posted has been cut off :-).
Also, please run the following command and post the output in a code block as well: