FastAPI + Nginx, not being able to connect through HTTPS

I'm currently facing an issue with Nginx not being able to connect to the Uvicorn server for a FastAPI application. Here are the details:

• Nginx Configuration:
  • Nginx is configured to forward requests to 127.0.0.1:8000.
  • Nginx logs show repeated connect() failed (111: Connection refused) errors, indicating that it cannot connect to the upstream server.
  • Configuration file for Nginx is set up with proxy_pass pointing to http://127.0.0.1:8000.

server {
    server_name clover-academy.org www.clover-academy.org;

    location / {
        proxy_pass http://127.0.0.1:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/clover-academy.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/clover-academy.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

server {
    if ($host = www.clover-academy.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    if ($host = clover-academy.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    server_name clover-academy.org www.clover-academy.org;
    return 404; # managed by Certbot
}

• Uvicorn Configuration:

  • Uvicorn is set up to listen on 0.0.0.0:8000 using the command: uvicorn bot.app:app --host 0.0.0.0 --port 8000 --log-level debug.

• Log Information:

  • Nginx logs show errors like: connect() failed (111: Connection refused) while connecting to upstream.
  • Uvicorn logs are not showing any errors or connection issues.

• Actions Taken:

  • Verified that Uvicorn is running on port 8000 and is listening on the correct address.
  • Confirmed that Nginx is configured to listen on ports 80 and 443.
  • Enabled verbose logging for both Nginx and Uvicorn for detailed error information. But the only error a received was the 101 connecition refused.
  • Check if the certificates was still valid.
  • Also checked iptables and everything was fine.

Nginx is receiving the request but the page keeps loading indefinitely, until The connection has timed out.

Thank you for your help!

I don't see how Let's Encrypt is involved with that problem. It looks like a configuration issue with your server and app.

Maybe a Uvicorn support forum is better place for this?

That said, your port 443 looks blocked, probably by a firewall, so HTTPS requests do not reach your nginx server.

Your first server block is also missing a closing bracket. Perhaps that was just a copy/paste problem though.

I'll try to do it. Thank you

or nginx.

my troubleshooting advice:

1- try setting up a static route (files) on the https server. make a location /test-static block for it, and just test to ensure you can hit that via https

2- then work on configuring your proxypass and uvicorn correctly. nginx in debug mode can be helpful here, though the messages can be overwhelming

you could also try a HTTP version of the proxypass first, then lock that down with HTTPS. either order is fine, just ensure each component works correctly before the two are integrated.

Try expanding logging in uvicorn and python. There may be something in the ASGI layer/integration that is aborting the request for being deficient somehow, and just not logging it at the current level.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.