Cannot access my site through https

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: ugo.chatscrum.com, ugoapi.chatscrum.com, www.ugo.chartscrum.com, www.ugoapi.chatscrum.com

I ran this command: sudo certbot --nginx

It produced this output: Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/ugo.chatscrum.com-0001/fullchain.pem
Key is saved at: /etc/letsencrypt/live/ugo.chatscrum.com-0001/privkey.pem
This certificate expires on 2023-02-17.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.

Deploying certificate
Could not install certificate

NEXT STEPS:

  • The certificate was saved, but could not be installed (installer: nginx). After fixing the error shown below, try installing it again by running:
    certbot install --cert-name ugo.chatscrum.com-0001

Could not automatically find a matching server block for ugo.chatscrum.com. Set the server_name directive to use the Nginx installer.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version): nginx version: nginx/1.22.1

The operating system my web server runs on is (include version):NAME="Amazon Linux"
VERSION="2"

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.32.0

Hello @ugobozz, welcome to the Let's Encrypt community. :slightly_smiling_face:

From a DNS point of view www.ugo.chartscrum.com and www.ugoapi.chatscrum.com are not resolving.

$ nslookup
> chatscrum.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   chatscrum.com
Address: 54.188.97.197
> ugo.chatscrum.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   ugo.chatscrum.com
Address: 54.146.214.70
> ugoapi.chatscrum.com
Server:         127.0.0.53
Address:        127.0.0.53#53

Non-authoritative answer:
Name:   ugoapi.chatscrum.com
Address: 54.146.214.70
> www.ugo.chartscrum.com
Server:         127.0.0.53
Address:        127.0.0.53#53

** server can't find www.ugo.chartscrum.com: NXDOMAIN
> www.ugoapi.chatscrum.com
Server:         127.0.0.53
Address:        127.0.0.53#53

** server can't find www.ugoapi.chatscrum.com: NXDOMAIN
> exit

From a nmap Port point of view nothing has HTTPS Port 443 open

$ nmap ugo.chatscrum.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-11-20 00:58 UTC
Nmap scan report for ugo.chatscrum.com (54.146.214.70)
Host is up (0.082s latency).
rDNS record for 54.146.214.70: ec2-54-146-214-70.compute-1.amazonaws.com
Not shown: 996 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
443/tcp  closed https
8000/tcp open   http-alt

Nmap done: 1 IP address (1 host up) scanned in 6.48 seconds
$ nmap ugoapi.chatscrum.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-11-20 00:59 UTC
Nmap scan report for ugoapi.chatscrum.com (54.146.214.70)
Host is up (0.081s latency).
rDNS record for 54.146.214.70: ec2-54-146-214-70.compute-1.amazonaws.com
Not shown: 996 filtered ports
PORT     STATE  SERVICE
22/tcp   open   ssh
80/tcp   open   http
443/tcp  closed https
8000/tcp open   http-alt

Nmap done: 1 IP address (1 host up) scanned in 6.44 seconds
$ nmap www.ugo.chartscrum.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-11-20 00:59 UTC
Failed to resolve "www.ugo.chartscrum.com".
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.16 seconds
$ nmap www.ugoapi.chatscrum.com
Starting Nmap 7.80 ( https://nmap.org ) at 2022-11-20 00:59 UTC
Failed to resolve "www.ugoapi.chatscrum.com".
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.19 seconds
2 Likes

This can't be good:

Please show:
certbot certificates

That means your nginx config lacks some basic configuration.
You should have a working website before trying to create the secured version of it.

3 Likes