Installed SSL behind nginx now site won't load

I have it set up that I access a reverse proxy with nginx which I have a file in sites-available called joshakirby and blahfoobar ect. I can access the rest of the sites fine. I changed Nginx to FULL so both port 80 and 443 should work fine. I get the error that my site is taking too long to load after restarting nginx post SSL install.

My domain is:
I ran this command:
sudo certbot --authenticator standalone --installer nginx
-d --pre-hook “service nginx stop” --post-hook "service nginx start"
It produced this output:
Congratulations! You have successfully enabled

You should test your configuration at:


  • Congratulations! Your certificate and chain have been saved at:
    Your key file has been saved at:
    Your cert will expire on 2018-05-02. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the “certonly” option. To non-interactively renew all of
    your certificates, run “certbot renew”

  • Your account credentials have been saved in your Certbot
    configuration directory at /etc/letsencrypt. You should make a
    secure backup of this folder now. This configuration directory will
    also contain certificates and private keys obtained by Certbot so
    making regular backups of this folder is ideal.

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let’s Encrypt:
    Donating to EFF:

My web server is (include version):

The operating system my web server runs on is (include version):
Ubuntu server 16.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Port 443, the one used for HTTPS, appears to be blocked by a firewall.

This website appears to be using a home/business cable connection and not a colocated server so the first thing I would suggest you check is that port 443 is forwarded from your router to the server, if necessary.

If the port is forwarded properly or the server is directly connected to the Internet and not through a router, your operating system firewall is probably blocking the port instead. To unblock it, run sudo ufw allow https

Both the host server and the reverse proxy have Nginx Full allowed through.So port 443 is open

It still looks closed here. :frowning:

$ nmap -p80,443

Starting Nmap 7.60 ( ) at 2018-02-01 15:16 MST
Nmap scan report for (
Host is up (0.11s latency).
rDNS record for

80/tcp  open     http
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 8.69 seconds

Is that up to date within the hour? Because I went and changed it after you said there was an issue with it.

Yes, that was run just few minutes before I posted. I just ran it again with the same result.

I’m confused now because it is open sudo ufw status shows nginx full there for ipv4 and ipv6

I have tried to restart this whole ****up and not going well. Nginx is messed up. I will reinstall and try again

Okay I have installed the reverse proxy and am back to where I should be before SSL certs. Is there a guide for let’s crypt with the new method you know of for multiple sites/subdomains on the same install?

If you are using certbot 0.21.0 or later (you can check with certbot --version) you can just run:

sudo certbot --nginx

and it will read your nginx configuration and prompt you to get certificates for all your domains.

If you are using an older version of certbot, such as the one currently shipped by Ubuntu, due to a security issue that command won’t work, and you will need to run a slightly different command that will ask more questions:

sudo certbot --authenticator webroot --installer nginx

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.