Cannot connect to my raspberry pi server

My domain is:wolverinesoap.com

My web server is (include version): Nginx 1.17

The operating system my web server runs on is (include version): Raspbian Buster (latest version)

I can login to a root shell on my machine: yes

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31.0-1

I have pre-emptively used the diagnostic website commonly used on this forum:
https://check-your-website.server-daten.de/?q=wolverinesoap.com

I installed letsencrypt by following THIS guide.

I use google domains.

I cannot reach my server when typing in my domain name. I get the error “ERR_CONNECTION_REFUSED”.

I can reach my server directly by ip, but i get a warning stating that my page is not secure.

My website recognizes that i have a certificate even though its “not secure”.

Here is my nginx server config.

I should also add that my domain name worked before I followed the guide.
I also have all of the correct files letsencrypt key, and nginx restarts without error.

1 Like

Hi,

From your server virtual host, you have listened on port 80 for only ipv4 and 443 for ipv6 and ipv4.
However, you only have ipv6 setup in your domain, so when you tried to reach your domain on http://www.wolverinesoap.com it’s not connecting (connection refused)

P.S. I seem to have connection timeout for your IPv6 https connection…

Thank you

1 Like

Hi @ineedhelpbro

is your router configuration correct? Looks like there is a blocking firewall.

Checking your raw ipv6 - https://check-your-website.server-daten.de/?q=[2601%3A201%3A4201%3Aa410%3A%3Acc36]

Domainname Http-Status redirect Sec. G
• http://[2601:0201:4201:a410:0000:0000:0000:cc36]/
2601:201:4201:a410::cc36 -2 1.587 V
ConnectFailure - Unable to connect to the remote server
• https://[2601:0201:4201:a410:0000:0000:0000:cc36]/
2601:201:4201:a410::cc36 -14 10.040 T
Timeout - The operation has timed out
• http://[2601:0201:4201:a410:0000:0000:0000:cc36]/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2601:201:4201:a410::cc36 -2 1.584 V
ConnectFailure - Unable to connect to the remote server

Looks like http is blocked via a firewall, https isn’t configured.

Port 80 extern -> port 80 intern
Port 443 extern -> port 443 intern

1 Like

I have forwarded port 443 on my firewall. I still cannot connect

1 Like

Hi,

I can connect successfully now.

Thank you

1 Like

Im still unable to connect.

Yep, same here. http + the ip doesn’t work. https + the ip works with a certificate warning, it’s the correct certificate.

3 Likes

But this is your connection.

PS: The form action - doesn’t work.

But that’s expected

<form action="http://www.example.com/login.php">
2 Likes

Yes, the website has no content just placeholders.

Do I need to alter my domain setting in google?

Ok , so how can I connect locally and get the green lock pad showing?

It sounds like you’re trying to access a local service on the same network, but using a public address.

Typically, this works in 3 flavors:

  1. Place the Service into a DMZ on the router
  2. Configure split-horizon DNS, so internal clients receive the internal IP, external clients receive the external IP.
  3. Configure reflection services, or “hairpin” NAT rules on the router.

I’m sorry to say that ALL of these options are really outside the scope of the Let’s Encrypt forum, but hopefully they put you on the correct path.

The simplest option for quick development is to edit the HOSTS file on your local machine to point the fully-qualified domain name to the IP of your Raspberry Pi. This certainly doesn’t scale and has a potential to introduce confusion down the road, but I think it would get you connected quickest.

5 Likes

So the behavior im experiencing is “normal”? I’m not supposed to be able to access my website locally using my domain name?

When I had http set up, I was able to access my website locally using my domain name. I can still access it with my ip.

1 Like

I’m not supposed to be able to access my website locally using my domain name?

It depends. This sounds like a problem with your DNS amongst other things. The options that @ezekiel presented are all valid.

Run the following commands internally as well as externally and compare the results you get.

curl -IL6 https://www.wolverinesoap.com
dig @8.8.8.8 wolverinesoap.com www.wolverinesoap.com +short
dig @YOUR_ROUTER_OR_DNS_SERVER wolverinesoap.com www.wolverinesoap.com +short

Here’s what I see

$ dig www.wolverinesoap.com wolverinesoap.com +short

$ curl -IL6 wolverinesoap.com
curl: (6) Could not resolve host: wolverinesoap.com

$ curl -IL6 www.wolverinesoap.com
curl: (7) Failed to connect to www.wolverinesoap.com port 80: Connection refused

$ curl -IL6 https://www.wolverinesoap.com
HTTP/1.1 200 OK
Server: nginx/1.14.2
Date: Mon, 24 Feb 2020 20:17:56 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
3 Likes

Non-www isn’t defined. www is with an ipv6.

Host T IP-Address is auth. ∑ Queries ∑ Timeout
wolverinesoap.com A yes 1 0
AAAA yes
www.wolverinesoap.com A yes 1 0
AAAA 2601:201:4201:a410::cc36 Fresno/California/United States (US) - Comcast Cable Communications, LLC yes

Domain and ipv6 works.

3 Likes

Thanks @JuergenAuer, I’ve updated my comment.

2 Likes

Heres what i got

2 Likes

Do you have a port 80 vHost? If not, that’s expected.

Your https works.

1 Like

If you are asking about my server settings being set to listen on port 80, then i changed them to listen on port 443 based on the guides instructions.

The instructions called for me to add the server block below in order to redirect

image

If you ever wants your configuration work on port 80, please add a listen directive that asks nginx to listen to port 80 over IPv6.
You already had Listen 0.0.0.0:80
Just add listen [::]:80

# listen to all IPv4 and IPv6 interfaces for port 80
# IPv4
listen :80;
# IPv6
listen [::]:80;

^^ this is what I said in the first reply…

Also, if you want to have your root domain working, add the IPv6 address you had for your www to your root domain.

Thank you

3 Likes