Question

SSL configuration doesn't work

Hello, I was following different guides to set up https on my nginx. Right now my nginx.conf looks like this:

# HTTP SERVER
server {
        server_name  mysite.com;
        listen 80 default_server;
        listen [::]:80 default_server;

        location / {
            rewrite ^ https://$http_host$request_uri? permanent;
        }
}

# HTTPS Server
server {
    listen 443;
    server_name mysite.com;

    ssl on;

    ssl_certificate /etc/nginx/ssl/mysite.com.crt; 
    ssl_certificate_key /etc/nginx/ssl/mysite.com.key; 

    access_log  /var/log/nginx/client-access.log;
    error_log   /var/log/nginx/client-error.log;

    root /usr/share/nginx/html;
    index index.html index.htm;

    location / {
        try_files $uri $uri/index.html/index.html;
    }
}

When I test it I get the result: nginx: configuration file /etc/nginx/nginx.conf test is successful

I deleted the firewall, so when I run:

sudo ufw status

I get: command not found

After every configuration change I do:

service nginx reload

When I try to view a page via https, I see Chrome error page with ERR_CONNECTION_REFUSED

If I run netstat -nlp | grep :443

tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 9683/nginx: master

I was wondering maybe my: ssl_certificate /etc/nginx/ssl/mysite.com.crt; ssl_certificate_key /etc/nginx/ssl/mysite.com.key;

are not correct, would I see any errors/logs if they were wrong?

I don’t know what else to check?

Subscribe
Share

Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Hello @taraskryvko,

Overall your configuration looks good but you need to update it a bit, here is how it should look like

#This server block will redirect http:// to https://www.mysite.com
server {
    listen 80;
    listen [::]:80;
    server_name mysite.com www.mysite.com;
    return 301 https://www.mysite.com$request_uri;
}

server {

    listen [::]:443 ssl http2;
    listen 443 ssl http2;
    server_name mysite.com;

    ssl_certificate /etc/nginx/ssl/mysite.com.crt; 
    ssl_certificate_key /etc/nginx/ssl/mysite.com.key; 

    access_log  /var/log/nginx/client-access.log;
    error_log   /var/log/nginx/client-error.log;

    root /usr/share/nginx/html;
    index index.html index.htm;

    location / {
        try_files $uri $uri/index.html/index.html;
    }

Test it out and let me know how it goes.

Regards, KFSys