Hi Everyone,

I’m trying to setup a StartSSL certificate on my server. My server is the Ghost one-click application image. I have updated Ghost to the newest version though if that makes a difference.

I have followed StartSSL’s instructions first and then opened port 443 in IPTables. I have also looked at other configuration tutorials such as https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-nginx-for-ubuntu-12-04

In an effort to better debug, I have done the following:

If I do sudo netstat -plunt

I see these lines:

tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      9431/nginx      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      9431/nginx      

This to me looks as though nginx is correctly looking on both port 80 and port 443.

If I do nmap 192.241.136.177 this being the server’s IP address, I get:

PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https

My nginx configuration is:

PORT    STATE SERVICE
22/tcp  open  ssh
80/tcp  open  http
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.23 seconds
root@NodeJSGhostBlog:/etc/nginx/conf.d# nano default.conf 

  GNU nano 2.2.6                      File: default.conf                                                  

server {
    listen 80;
    server_name kevinkirsche.com;

    client_max_body_size 10M;

    location / {
            proxy_pass http://localhost:2368/;
            proxy_set_header Host $host;
            proxy_buffering off;
    }
}

# HTTPS Server

server {
    listen 443 ssl;
    server_name kevinkirsche.com;

    ssl on;
    ssl_certificate LOCATION/TO/CERT/HERE;
    ssl_certificate_key LOCATION/TO/KEY/HERE;

    ssl_session_timeout 5m;
}

Yet if I try to load https://kevinkirsche.com/, it fails with:
Error code: ERR_CONNECTION_TIMED_OUT

It correctly loads http://kevinkirsche.com almost instantly though.

Any help about what I’m missing would be greatly appreciated.

Thank you!