Trouble with SSL connection and let's encrypt certificates
Ph. Gras
ph.gras at worldonline.fr
Fri Mar 23 23:04:56 UTC 2018
Hello there,
I'm running several websites with different domain names on a Debian 9 server and
have problems to have a connection on port 443 for some days.
Certificates are generated by let's encrypt and do the job on other services except
NginX, for example :
# openssl s_client -connect mailbox.fredlutaud.com:443 -showcerts
CONNECTED(00000003)
write:errno=0
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 176 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1521844523
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no
---
# openssl s_client -connect mailbox.fredlutaud.com:993 -showcerts
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = ns365710.ip-176-31-120.eu
verify return:1
---
Certificate chain
0 s:/CN=ns365710.ip-176-31-120.eu
i:/C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAz2exXicPgWK2nWjFrHdoj7UMA0GCSqGSIb3DQEBCwUA
[Blah…]
# netstat -antp | grep nginx
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16773/nginx: master
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 16773/nginx: master
tcp6 0 0 :::80 :::* LISTEN 16773/nginx: master
tcp6 0 0 :::443 :::* LISTEN 16773/nginx: mas
# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Do you have an idea to solve my problem ?
Thanks in advance,
Ph. Gras
More information about the nginx
mailing list