I am trying to set up a DigitalOcean server using this tutorial: https://www.digitalocean.com/community/tutorials/how-to-set-up-django-with-postgres-nginx-and-gunicorn-on-ubuntu-16-04

The site is served just fine over HTTP but will not load over HTTPS. ("Will not load" refers to this Chrome error.)

This site can’t be reached
kronoswebsolutions.com took too long to respond.

Try:
Checking the connection
Checking the proxy and the firewall

ERR_CONNECTION_TIMED_OUT

As advised, I did check the firewall before posting, but here is the output of my ufw. I do not have a firewall enabled in my DigitalOcean droplet web GUI.

Nginx Full                 ALLOW       Anywhere                  
22                         ALLOW       *************             
22                         ALLOW       *************             
OpenSSH                    ALLOW       Anywhere                  
Nginx Full (v6)            ALLOW       Anywhere (v6)             
OpenSSH (v6)               ALLOW       Anywhere (v6)     

Here are the results of nmap from my local machine using the IP of my server:

nmap -Pn -p 443 IPADDRESS
Starting Nmap 7.70 ( https://nmap.org ) at 2019-05-07 23:46 MDT
Nmap scan report for IPADDRESS
Host is up.

PORT    STATE    SERVICE
443/tcp filtered https

I am using Debian stretch rather than Ubuntu.

2 Answers

I was having the same issue after following this tutorial and it turns out that it misses this piece of code that you have to add to your site's nginx.conf:

listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/{{ domain }}/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/{{ domain }}/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
tmsss

Looks like it was definitely a firewall issue. I used this to reset my firewall settings in iptables, then set ufw up again, and it is working.

First, set the default policies for each of the built-in chains to ACCEPT. The main reason to do this is to ensure that you won't be locked out from your server via SSH:

$ sudo iptables -P INPUT ACCEPT
$ sudo iptables -P FORWARD ACCEPT
$ sudo iptables -P OUTPUT ACCEPT

Then flush the nat and mangle tables, flush all chains (-F), and delete all non-default chains (-X):

$ sudo iptables -t nat -F
$ sudo iptables -t mangle -F
$ sudo iptables -F
$ sudo iptables -X

Then re-enable ufw:

$ sudo ufw enable
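
A connect test that separates the two diagnoses on this page, as an added example (not code from either answer): a timeout corresponds to nmap's `filtered` state and points at packet filtering, while a refused connection means packets reach the host but nothing listens on the port. The names `probe`, `classify` and `NEXT_STEP` and the hint texts are assumptions of this sketch.

```python
import errno
import socket

# Likely cause for each state, using nmap's vocabulary from the question.
NEXT_STEP = {
    "open": "handshake completed; look at the TLS certificate and server block",
    "closed": "host answered with RST; nothing is bound to the port (nginx listen directive)",
    "filtered": "no TCP answer; a packet filter is dropping traffic (ufw, iptables, cloud firewall)",
    "unknown": "could not test (DNS failure or local error)",
}


def classify(exc):
    """Map the exception from a TCP connect (None on success) to a port state."""
    if exc is None:
        return "open"
    if isinstance(exc, ConnectionRefusedError):
        return "closed"
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "filtered"  # SYN went unanswered until the timeout
    if isinstance(exc, OSError) and exc.errno == errno.EHOSTUNREACH:
        return "filtered"  # host-unreachable error instead of a TCP reply
    return "unknown"


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection and return its state."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return classify(None)
    except OSError as exc:
        return classify(exc)


if __name__ == "__main__":
    # Constructed demo on loopback: a listening socket, then the same port after closing it.
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    port = srv.getsockname()[1]
    for label in ("listener up", "listener gone"):
        state = probe("127.0.0.1", port)
        print(f"{label}: {state} -> {NEXT_STEP[state]}")
        srv.close()
```

Run from a machine outside the server, `probe("your-domain", 443)` returning `filtered` matches the nmap output in the question.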