Connection refused getting certificate with nginx

So I have got 2 VMs: one is running a GitLab git server configured with HTTP and ufw as firewall.
The other server is my reverse proxy running nginx.

Both VMs have ufw enabled as main firewall; both have ports 80 and 443 allowed for IPv4 and IPv6.

My GitLab is configured over HTTP while my connection to the outside is HTTPS.
At this moment I usually request my certificate using certbot and Let's Encrypt over the DNS challenge; however, I'd like to get it on my reverse proxy, as this is simpler, and use it with auto-renew.

However, when I run the command: sudo certbot --nginx or (-d git.timclinckemalie.me) I still get connection refused.

My domain: git.timclinckemalie.me (should be accessible with HTTP and HTTPS); however, at this very moment my cert is expired.

Both VMs are running Ubuntu 18.04.4.
My reverse proxy is running nginx 1.14.0.

Since the website is working, the firewall, router and DNS should be correct, I assume.
Although when using certbot --nginx
the output is always like http://git.timclinckemalie.me/.well-known/acme-challenge. Since the server is a reverse proxy and does not have any files in the webroot, what does it check?

How can I get this to work?

I used these resources:

https://linuxize.com/post/redirect-http-to-https-in-nginx/#:~:text=The%20preferred%20method%20to%20redirect,unpredictable%20behavior%20of%20the%20server.

https://linuxhint.com/nginx_reverse_proxy-2/

2 Likes

Welcome to the Let's Encrypt Community :slightly_smiling_face:

2 Likes

Oh, I think I know the issue. Stupid me: port 80 is open to my GitLab and reverse proxy, however I do not accept port 80 to be used; I mean port 80 is not forwarded in my router to my reverse proxy. Let's try this.

2 Likes

OMG, yup, that's the problem: I didn't forward port 80 to my reverse proxy VM in my router :confused:
Thanks for the help though.

3 Likes

Happens all the time. :grin:

2 Likes
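
The failure resolved in this thread (site reachable on 443, port 80 not forwarded) can be checked before running certbot, because HTTP-01 validation always connects on port 80. The preflight below is an added example, not part of the original thread; the names `probe` and `http01_preflight` are hypothetical, and it assumes it is run from a machine outside the LAN so the router's port forwards are actually exercised.

```python
import socket
import sys


def probe(host, port, timeout=5.0):
    """Classify one TCP connection attempt to host:port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-failure"      # name does not resolve
    except ConnectionRefusedError:
        return "refused"          # RST: nothing listening or forwarded on that port
    except socket.timeout:
        return "timeout"          # packets silently dropped, typical of a firewall
    except OSError:
        return "unreachable"      # no route, network down, etc.


def http01_preflight(host, http_port=80, https_port=443, probe_fn=probe):
    """Return (ok, message) describing whether HTTP-01 validation can reach the host.

    The port parameters exist only so the check can be exercised against
    test listeners; real validation uses 80 (and 443 for comparison).
    """
    http = probe_fn(host, http_port)
    https = probe_fn(host, https_port)
    if http == "open":
        return True, f"port {http_port} is reachable; HTTP-01 validation can connect"
    if http == "dns-failure":
        return False, "name does not resolve; fix DNS before requesting a certificate"
    if https == "open":
        # The situation in this thread: the site works over HTTPS, so DNS and
        # the 443 forward are fine, but the validation request on 80 is refused.
        return False, (f"port {https_port} is open but port {http_port} is {http}: "
                       "check the router port forward and firewall for port 80")
    return False, (f"ports {http_port} and {https_port} are both closed "
                   f"({http}/{https}); host is not reachable from here")


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: preflight.py <hostname>")
    ok, message = http01_preflight(sys.argv[1])
    print(message)
    sys.exit(0 if ok else 1)
```

A result taken from inside the same network can differ from what the validation servers see, since traffic may never pass through the router's forwarding rules.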