Letsencrypt on Ubuntu 16.04/Nginx

Question

I tried following the tutorial below but when I go to check the connection via SSL Labs, I get Assessment failed: Unable to connect to the server. SSL Labs suggests this is a common error due to firewall settings.

My firewall settings are:

To                         Action      From
--                         ------      ----
22                         LIMIT       Anywhere                  
443                        ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22 (v6)                    LIMIT       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

chrisburton · Accepted Answer

So after editing the digitalocean file, it is now working. However, I have no idea when or why I created this file.

chrisburton · Answer

I have a file digitalocean inside of that directory with the following configuration: server { listen 80 default_server; listen [::]:80 default_server ipv6only=on; root /var/www/html; index index.php index.html index.htm; # Make site accessible from http://localhost/ server_name localhost; location / { # First attempt to serve request as file, then # as directory, then fall back to displaying a 404. try_files $uri $uri/ =404; # Uncomment to enable naxsi on this location # include /etc/nginx/naxsi.rules } error_page 404 /404.html; error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/html; } location ~ \.php$ { include snippets/fastcgi-php.conf; fastcgi_pass unix:/run/php/php7.0-fpm.sock; } # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { # deny all; #} } # another virtual host using mix of IP-, name-, and port-based configuration # #server { # listen 8000; # listen somename:8080; # server_name somename alias another.alias; # root html; # index index.html index.htm; # # location / { # try_files $uri $uri/ =404; # } #} # HTTPS server # #server { # listen 443; # server_name localhost; # # root html; # index index.html index.htm; # # ssl on; # ssl_certificate cert.pem; # ssl_certificate_key cert.key; # # ssl_session_timeout 5m; # # ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2; # ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; # ssl_prefer_server_ciphers on; # # location / { # try_files $uri $uri/ =404; # } #}

Flamber Hansen · Answer

@chrisburton

Okay, Nginx is not listening on port 443, which likely means you have not created server block configuration for https - or you have not activated it.

Do you have a https-configuration in /etc/nginx/site-enabled ?

You are welcome to post your configuration.

Flamber Hansen · Answer

Hi @chrisburton But when you visit your domain through a browser, do you get any errors? Have a look at the error log too in /var/log/nginx/error.log

Related

Question

Letsencrypt on Ubuntu 16.04/Nginx

Related