Trouble with SSL connection and let's encrypt certificates

Ph. Gras ph.gras at
Fri Mar 23 23:04:56 UTC 2018

Hello there,

I'm running several websites with different domain names on a Debian 9 server and
have problems to have a connection on port 443 for some days.

Certificates are generated by let's encrypt and do the job on other services except
NginX, for example :
# openssl s_client -connect -showcerts
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 176 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
    Protocol  : TLSv1.2
    Cipher    : 0000
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1521844523
    Timeout   : 7200 (sec)
    Verify return code: 0 (ok)
    Extended master secret: no
# openssl s_client -connect -showcerts
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN =
verify return:1
Certificate chain
 0 s:/
   i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3


# netstat -antp | grep nginx
tcp        0      0    *               LISTEN      16773/nginx: master 
tcp        0      0   *               LISTEN      16773/nginx: master 
tcp6       0      0 :::80                   :::*                    LISTEN      16773/nginx: master 
tcp6       0      0 :::443                  :::*                    LISTEN      16773/nginx: mas

# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Do you have an idea to solve my problem ?

Thanks in advance,

Ph. Gras

More information about the nginx mailing list