Trouble setting up SSL

Mon Sep 5 00:02:21 UTC 2022

Also just to give as much info as possible this is how I created the keys:

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout 
/etc/nginx/ssl/biscotty.dev.ke
y -out /etc/nginx/ssl/biscotty.dev.crt

On 9/4/22 17:48, Moshe Katz wrote:
> Here are a few things you can check (all of these need to be run as 
> root or using `sudo`):
>
> Is nginx actually listening on port 443? There are lots of different 
> commands you can use to check this, but I like to use `netstat -lptn | 
> grep nginx`.
>
> Is there an error in your config? Check this with `nginx -t`.
>
> Have you allowed port 443 through your firewall? Check 
> `/var/log/syslog` for firewall messages.
>
> On Sun, Sep 4, 2022, 7:27 PM Brian Carey <biscotty666 at gmail.com> wrote:
>
>     Hi,
>
>     I'm pretty new to nginx but do have a server up and running. I've
>     been
>     pulling my hair out over ssl setup though. I have read the docs on
>     your
>     server and some others like the alpine site. The most recent
>     attempt I
>     followed the video tutorial on your website. Whenever I try to
>     connect
>     via ssl it hangs.  I hope someone here has some ideas because I don't
>     know where else to turn.
>
>     No errors show in the nginx logs.
>
>     I'm running Ubuntu 20.04. Nginx was installed following the
>     instructions
>     on your website.
>
>     When I try to access http://www.biscotty.dev with curl I get a
>     response.
>     If I explicitly request https it hangs indefinitely. The
>     commands/responses are posted below.
>
>     Not sure if this matters but I have learned that dev domains try to
>     enforce https, so explicitly using http in a browser gui craps out no
>     matter what, but curl ignores this and serves you via http anyway. I
>     don't know if this matters but I thought I would mention it.
>
>     Here is my .conf file. I have not modified anything else from the
>     initial install.
>
>     '''
>     server {
>     listen 80 default_server;
>     server_name www.biscotty.dev <http://www.biscotty.dev>;
>     return 301 https://$server_name$request_uri;
>     }
>
>     server {
>     listen 443 ssl;
>     server_name www.biscotty.dev <http://www.biscotty.dev>;
>
>     ssl_certificate /etc/nginx/ssl/biscotty.dev <http://biscotty.dev>.crt;
>     ssl_certificate_key /etc/nginx/ssl/biscotty.dev
>     <http://biscotty.dev>.key;
>
>     location / {
>     root /usr/share/nginx/html;
>     index index.html index.htm;
>     }
>     }
>     '''
>     '''
>     root at biscotty-lt:/etc/nginx/conf.d# curl -I http://biscotty.dev
>     HTTP/1.1 301 Moved Permanently
>     Server: nginx/1.23.1
>     Date: Sun, 04 Sep 2022 21:05:01 GMT
>     Content-Type: text/html
>     Content-Length: 169
>     Connection: keep-alive
>     Location: https://www.biscotty.dev/
>
>     root at biscotty-lt:/etc/nginx/conf.d# curl -I https://biscotty.dev
>     ^C
>     ```
>
>
>     _______________________________________________
>     nginx mailing list -- nginx at nginx.org
>     To unsubscribe send an email to nginx-leave at nginx.org
>
>
> _______________________________________________
> nginx mailing list --nginx at nginx.org
> To unsubscribe send an email tonginx-leave at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220904/24766782/attachment.htm>