net::ERR_SSL_PROTOCOL_ERROR

MarcoI nginx-forum at forum.nginx.org
Wed Feb 12 06:53:31 UTC 2020 

Hi!,
I do not understand what should I modify.

If I should use ggc,world when connecting with the browser, this is what I
already do: 
https://drive.google.com/open?id=10MYySDKhPx9L-QucqzxN5NTratJEOJZR

If instead I should put ggc.world instead of local (127.0.0.1) in
/etc/nginx/conf.d/default.conf , this is the result of my trial:

/etc/nginx/conf.d/default.conf : 


    server {
        listen 443 ssl http2 default_server;
        server_name ggc.world;

        ssl_certificate /etc/letsencrypt/live/ggc.world/fullchain.pem; #
managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/ggc.world/privkey.pem; #
managed by Certbot
        ssl_trusted_certificate /etc/letsencrypt/live/ggc.world/chain.pem;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

        ssl_session_timeout 5m;
        ssl_protocols TLSv1.2 TLSv1.3;
        ssl_ciphers EECDH+CHACHA20:EECDH+CHACHA20-
          
draft:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:50m;
        #ssl_stapling on;
        #ssl_stapling_verify on;

        access_log /var/log/nginx/ggcworld-access.log combined;

        add_header Strict-Transport-Security "max-age=31536000";
        location = /favicon.ico { access_log off; log_not_found off; }

        location / {
            #proxy_pass http://127.0.0.1:8080;
            proxy_pass http://ggc.world:8080;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
       }
    }

    server {
        listen 80 default_server;
        listen [::]:80 default_server;
        error_page 497 https://$host:$server_port$request_uri;
        server_name www.ggc.world;
        return 301 https://$server_name$request_uri;

        access_log /var/log/nginx/ggcworld-access.log combined;

        add_header Strict-Transport-Security "max-age=31536000";
        location = /favicon.ico { access_log off; log_not_found off; }

        location / {
            #proxy_pass http://127.0.0.1:8080;
            proxy_pass http://ggc.world:8080;
            proxy_http_version 1.1;
           proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }

    upstream websocket {
        ip_hash;
        #server localhost:3000;
        server ggc.world:3000;
    }

    server {
        listen 81;
        server_name ggc.world www.ggc.world;

        #location / {
        location ~ ^/(websocket|websocket\/socket-io) {
            #proxy_pass http://127.0.0.1:4201;
            proxy_pass http://ggc.world:4201;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
            proxy_set_header X-Forwared-For $remote_addr;
            proxy_set_header Host $host;

            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
        }
    }

I get this output:
    https://drive.google.com/open?id=1zUSN9wP6h9svizahMjhhFFbY0CLN71Aw

Can you please explain me?
Thank you for your kind help
Marco

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,286991,286996#msg-286996

More information about the nginx mailing list