My domain is:
embracetherain.at / www.embracetherain.at
I got the Let’s Encrypt certificates with certbot for both domains.
The www domain redirects via DNS CNAME to the non-www domain;
there is also a 301 redirect in nginx/conf.d/.
In Safari and Firefox (on Mac) everything works great. Chrome, when going to the non-www domain, shows ERR_SSL_PROTOCOL_ERROR. But if I go to the www domain first, it redirects correctly to the non-www domain and everything works great.
On mobile (Android), Firefox shows the same behavior.
On mobile Chrome, both the www and the non-www domain show ERR_SSL_PROTOCOL_ERROR.
My web server is (include version):
Ghost 2.1 on Ubuntu 16.04 with nginx
My hosting provider, if applicable, is:
DigitalOcean
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
Well, it was not the complete solution. I had to add some lines to the nginx config because there were some problems when accessing the www domain via HTTP.
The old (and now deleted) redirect.conf:
server {
    if ($host = www.embracetherain.at) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name www.embracetherain.at;
    listen 80;
    return 404; # managed by Certbot
}
Connection - secure (strong TLS 1.2) The connection to this site is encrypted and authenticated using TLS 1.2 (a strong protocol), ECDHE_RSA with P-384 (a strong key exchange), and AES_128_GCM (a strong cipher).
is missing. So Chrome loads the certificate, but isn't able to create a TLS 1.2 connection.
download https://embracetherain.at/ -h
Error (1): Die Anfrage wurde abgebrochen: Es konnte kein geschützter SSL/TLS-Kanal erstellt werden..
SecureChannelFailure