I'm having trouble getting SSL to work with my Nginx installation. I found a couple of other questions related to this but they did not fix my problem.
Checks I did:
nginx -t
returns with no errorsufw disable
to let all traffic troughnetstat -nltp
tells me thattcp:0.0.0.0:80
andtcp:0.0.0.0:433
go tonginx: master
curl -v https://mywebsite.nl
returnsFailed to connect to mywebsite.nl port 443: Connection refused
curl -v http://mywebsite.nl
returns OK
Weird things:
netstat -peanut | grep ":80 "
returns withtcp:0.0.0.0:80
bound tonginx: master
but when I trynetstat -peanut | grep ":443 "
it returns nothing?- if I try
nmap -p 433 mywebsite.nl
it returns433/tcp filtered nnsp
while I expected the port to be open as it does with port 80
I bundled my CA certificate together with my own one (in the right order as mentioned by the Nginx docs).
My Nginx-conf looks like this:
server {
listen 80;
listen 433 ssl http2;
ssl_certificate /etc/ssl/certs/mywebsite.nl-bundle.crt;
ssl_certificate_key /etc/ssl/certs/mywebsite.nl.key;
server_name *.mywebsite.nl;
root /var/www/mywebsite-app/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
It should be 443, not 433. See also the error message, which also says that it tries to connect to port 443: