I'm having trouble getting SSL to work with my Nginx installation. I found a couple of other questions related to this but they did not fix my problem.
Checks I did:
nginx -t returns with no errorsufw disable to let all traffic troughnetstat -nltp tells me that tcp:0.0.0.0:80 and tcp:0.0.0.0:433 go to nginx: mastercurl -v https://mywebsite.nl returns Failed to connect to mywebsite.nl port 443: Connection refusedcurl -v http://mywebsite.nl returns OKWeird things:
netstat -peanut | grep ":80 " returns with tcp:0.0.0.0:80 bound to nginx: master but when I try netstat -peanut | grep ":443 " it returns nothing?nmap -p 433 mywebsite.nl it returns 433/tcp filtered nnsp while I expected the port to be open as it does with port 80I bundled my CA certificate together with my own one (in the right order as mentioned by the Nginx docs).
My Nginx-conf looks like this:
server {
listen 80;
listen 433 ssl http2;
ssl_certificate /etc/ssl/certs/mywebsite.nl-bundle.crt;
ssl_certificate_key /etc/ssl/certs/mywebsite.nl.key;
server_name *.mywebsite.nl;
root /var/www/mywebsite-app/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
if ($scheme != "https") {
return 301 https://$host$request_uri;
}
}
listen 433 ssl http2;
It should be 443, not 433. See also the error message, which also says that it tries to connect to port 443:
Failed to connect to covidtesta4.nl port 443: Connection refused