Installed let's encrypt certificate and the site became unavailable (This site can’t be reached), Ubuntu 16.04, nginx

Hi everybody!
installed let’s encrypt certificate and the site became unavailable (This site can’t be reached). The site worked without a ssl certificate

example of nginx config file for domain:

server {
server_name domain.com www.domain.com;

    location / {
            proxy_pass http://127.0.0.1:8800;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
    }

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = www.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

if ($host = domain.com) {
    return 301 https://$host$request_uri;
} # managed by Certbot


    listen 80;
    server_name domain.com www.domain.com;
return 404; # managed by Certbot

}

what could be the problem?

The error message you described could have a couple answers. Please provide your domain name.

Unfortunately I have no rights to show this domain in the public domain
Please write the options (or please pass on links where you can read solutions), I will check it myself
I tried many options, but none of them worked

Do the HTTP requests return the 301 redirection?
Can you show the entire config (even if you hide the name)?

It’s almost impossible to help you in this manner in my humble opinion. There’s not really something to go on, so we can’t point to a “here’s a working solution!” page. This is of course because a page like “Here’s the single answer for a few thousands problems” doesn’t exist.

I would advice you to debug nginx properly. This means digging into the error log, increase verbosity to this log if you can’t find any error message at the first glance et cetera.

2 Likes

this is the whole config file (as in start topic): https://prnt.sc/tlz9n6

The whole config is shown with:
nginx -T

[that is only a piece of it]

If that is not an option…
Try:
nginx -T | grep server_name
And look for any potential overlaps/conflicts with the domain name in question.

That cannot be the whole output of the command. Please just copy/paste the output in this thread (and use a line with three backticks (```) before and after the output for readability).

If you want to make it easy for yourself, you can always use sed to mask your domain name:

nginx -T | sed 's/yourdomainname.tld/example.com/g'

understand what you are talking about and I am not asking you to give me 1 solution for all cases, but I believe that there are several most common solutions that can help.

Thanks for the nginx test idea

in addition to the current domain there are a bunch of others, is there any solution for showing the config with hiding all domains without specifying their name?

I’m not a sed expert, so I don’t know.

by the way does your site give 301 but can’t reach https version, or it doesn’t get http redirect even?
see network tab of your broweser debug menu
and for obvious reason you need to open port 443 on firewalls to send https page

1 Like

And we circle back to my first question…
Which thus far has been completely unanswered.

1 Like

from http redirect to https

added 443 port, nothing:

nginx config (nginx -T):


deleted only instructions for domains as ‘server { listen 80…’
and strings with values ssl_ciphers

None of that information is of any use.
Sorry but there isn’t enough there to help you with.

1 Like

it was all information, in any case thanks for your time and help
p.s. i moved the project to another server and everything works

1 Like

Then you should loop in this conversation someone who does. :slight_smile:

1 Like