Cannot connect to my raspberry pi server

My domain

My web server is (include version): Nginx 1.17

The operating system my web server runs on is (include version): Raspbian Buster (latest version)

I can login to a root shell on my machine: yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0-1

I have pre-emptively used the diagnostic website commonly used on this forum:

I installed letsencrypt by following THIS guide.

I use google domains.

I cannot reach my server when typing in my domain name. I get the error “ERR_CONNECTION_REFUSED”.

I can reach my server directly by ip, but i get a warning stating that my page is not secure.

My website recognizes that i have a certificate even though its “not secure”.

Here is my nginx server config.

I should also add that my domain name worked before I followed the guide.
I also have all of the correct files letsencrypt key, and nginx restarts without error.

1 Like


From your server virtual host, you have listened on port 80 for only ipv4 and 443 for ipv6 and ipv4.
However, you only have ipv6 setup in your domain, so when you tried to reach your domain on it’s not connecting (connection refused)

P.S. I seem to have connection timeout for your IPv6 https connection…

Thank you

1 Like

Hi @ineedhelpbro

is your router configuration correct? Looks like there is a blocking firewall.

Checking your raw ipv6 -[2601%3A201%3A4201%3Aa410%3A%3Acc36]

Domainname Http-Status redirect Sec. G
• http://[2601:0201:4201:a410:0000:0000:0000:cc36]/
2601:201:4201:a410::cc36 -2 1.587 V
ConnectFailure - Unable to connect to the remote server
• https://[2601:0201:4201:a410:0000:0000:0000:cc36]/
2601:201:4201:a410::cc36 -14 10.040 T
Timeout - The operation has timed out
• http://[2601:0201:4201:a410:0000:0000:0000:cc36]/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2601:201:4201:a410::cc36 -2 1.584 V
ConnectFailure - Unable to connect to the remote server

Looks like http is blocked via a firewall, https isn’t configured.

Port 80 extern -> port 80 intern
Port 443 extern -> port 443 intern

1 Like

I have forwarded port 443 on my firewall. I still cannot connect

1 Like


I can connect successfully now.

Thank you

1 Like

Im still unable to connect.

Yep, same here. http + the ip doesn’t work. https + the ip works with a certificate warning, it’s the correct certificate.


But this is your connection.

PS: The form action - doesn’t work.

But that’s expected

<form action="">

Yes, the website has no content just placeholders.

Do I need to alter my domain setting in google?

Ok , so how can I connect locally and get the green lock pad showing?

It sounds like you’re trying to access a local service on the same network, but using a public address.

Typically, this works in 3 flavors:

  1. Place the Service into a DMZ on the router
  2. Configure split-horizon DNS, so internal clients receive the internal IP, external clients receive the external IP.
  3. Configure reflection services, or “hairpin” NAT rules on the router.

I’m sorry to say that ALL of these options are really outside the scope of the Let’s Encrypt forum, but hopefully they put you on the correct path.

The simplest option for quick development is to edit the HOSTS file on your local machine to point the fully-qualified domain name to the IP of your Raspberry Pi. This certainly doesn’t scale and has a potential to introduce confusion down the road, but I think it would get you connected quickest.


So the behavior im experiencing is “normal”? I’m not supposed to be able to access my website locally using my domain name?

When I had http set up, I was able to access my website locally using my domain name. I can still access it with my ip.

1 Like

I’m not supposed to be able to access my website locally using my domain name?

It depends. This sounds like a problem with your DNS amongst other things. The options that @ezekiel presented are all valid.

Run the following commands internally as well as externally and compare the results you get.

curl -IL6
dig @ +short

Here’s what I see

$ dig +short

$ curl -IL6
curl: (6) Could not resolve host:

$ curl -IL6
curl: (7) Failed to connect to port 80: Connection refused

$ curl -IL6
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 24 Feb 2020 20:17:56 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive

Non-www isn’t defined. www is with an ipv6.

Host T IP-Address is auth. ∑ Queries ∑ Timeout A yes 1 0
AAAA yes A yes 1 0
AAAA 2601:201:4201:a410::cc36 Fresno/California/United States (US) - Comcast Cable Communications, LLC yes

Domain and ipv6 works.


Thanks @JuergenAuer, I’ve updated my comment.


Heres what i got


Do you have a port 80 vHost? If not, that’s expected.

Your https works.

1 Like

If you are asking about my server settings being set to listen on port 80, then i changed them to listen on port 443 based on the guides instructions.

The instructions called for me to add the server block below in order to redirect


If you ever wants your configuration work on port 80, please add a listen directive that asks nginx to listen to port 80 over IPv6.
You already had Listen
Just add listen [::]:80

# listen to all IPv4 and IPv6 interfaces for port 80
# IPv4
listen :80;
# IPv6
listen [::]:80;

^^ this is what I said in the first reply…

Also, if you want to have your root domain working, add the IPv6 address you had for your www to your root domain.

Thank you