Question

Letsencrypt on Ubuntu 16.04/Nginx

I tried following the tutorial below but when I go to check the connection via SSL Labs, I get Assessment failed: Unable to connect to the server. SSL Labs suggests this is a common error due to firewall settings.

My firewall settings are:

To                         Action      From
--                         ------      ----
22                         LIMIT       Anywhere                  
443                        ALLOW       Anywhere                  
80                         ALLOW       Anywhere                  
22 (v6)                    LIMIT       Anywhere (v6)             
443 (v6)                   ALLOW       Anywhere (v6)             
80 (v6)                    ALLOW       Anywhere (v6)

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Submit an answer


This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

chrisburtonApril 13, 2017
Accepted Answer

So after editing the digitalocean file, it is now working. However, I have no idea when or why I created this file.

chrisburtonApril 13, 2017

I have a file digitalocean inside of that directory with the following configuration:

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

       root /var/www/html;
        index index.php index.html index.htm;

        # Make site accessible from http://localhost/
        server_name localhost;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }

        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;

        location = /50x.html {
                root /usr/share/nginx/html;
        }

        location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#       listen 8000;
#       listen somename:8080;
#       server_name somename alias another.alias;
#       root html;
#       index index.html index.htm;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}


# HTTPS server
#
#server {
#       listen 443;
#       server_name localhost;
#
#       root html;
#       index index.html index.htm;
#
#       ssl on;
#       ssl_certificate cert.pem;
#       ssl_certificate_key cert.key;
#
#       ssl_session_timeout 5m;
#
#       ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
#       ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
#       ssl_prefer_server_ciphers on;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}
Flamber HansenApril 13, 2017

@chrisburton

Okay, Nginx is not listening on port 443, which likely means you have not created server block configuration for https - or you have not activated it.

Do you have a https-configuration in /etc/nginx/site-enabled ?

You are welcome to post your configuration.

Try DigitalOcean for free

Click below to sign up and get $200 of credit to try our products over 60 days!

Sign up