Search code examples
nginxcurlserveropensuse

nginx: Trying to curl from the Server itself via Domain Name results in Timeout

So I'm hosting a website sub.domain.com on my OpenSUSE Tumbleweed server via nginx as vhost. Access from the internet is working fine, but when I SSH into the server and try to curl https://sub.domain.com it results in a timeout. Is this expected behavior? If so, then is there a way to configure nginx to serve to itself as well via URL?

It's not a firewall issue, and I can curl google.com just fine.

Thanks for any ideas :) happy to post config files as well if required, but I've tried commenting out all but a very barebone config and it still didn't work.

  • SSH into the server that is hosting sub.domain.com
  • curl https://sub.domain.com
  • Expectation: successful curl result
  • Result: curl timeout

Troubleshooting as suggested by Zac Anger:

dig sub.domain.com +short => correct IP

curl -v https://sub.domain.com =>

*   Trying 11.22.33.123:443...
* connect to 11.22.33.123 port 443 failed: Connection timed out
* Failed to connect to sub.domain.com port 443 after 130849 ms: Couldn't connect to server

curl -v 11.22.33.123 -H 'Host: sub.domain.com' =>

*   Trying 11.22.33.123:80...
* connect to 11.22.33.123 port 80 failed: Connection timed out
* Failed to connect to 11.22.33.123 port 80 after 129671 ms: Couldn't connect to server
* Closing connection 0
curl: (28) Failed to connect to 11.22.33.123 port 80 after 129671 ms: Couldn't connect to server

curl localhost -H 'Host: sub.domain.com' =>

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>nginx</center>
</body>
</html>

curl https://localhost -H 'Host: sub.domain.com' =>

curl: (60) SSL: no alternative certificate subject name matches target host name 'localhost'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
Solution

  • I think I managed to fix it by adding the domain name to /etc/hosts:

    It now has the following entry for 127.0.0.1:

    127.0.0.1 sub.domain.com localhost.localdomain localhost

    Thanks again to Zac Anger for helping me pin down the issue, much appreciated!