I have it set up that I access a reverse proxy with nginx which I have a file in sites-available called joshakirby and blahfoobar, etc. I can access the rest of the sites fine. I changed Nginx to FULL so both port 80 and 443 should work fine. I get the error that my site is taking too long to load after restarting nginx post SSL install.
My domain is:
I ran this command:
sudo certbot --authenticator standalone --installer nginx -d joshakirby.com --pre-hook "service nginx stop" --post-hook "service nginx start"
It produced this output:
Congratulations! You have successfully enabled https://joshakirby.com
Congratulations! Your certificate and chain have been saved at:
Your key file has been saved at:
Your cert will expire on 2018-05-02. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the “certonly” option. To non-interactively renew all of
your certificates, run “certbot renew”
Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: https://letsencrypt.org/donate
Donating to EFF: https://eff.org/donate-le
My web server is (include version):
The operating system my web server runs on is (include version):
Ubuntu server 16.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don’t know):
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
Port 443, the one used for HTTPS, appears to be blocked by a firewall.
This website appears to be using a home/business cable connection and not a colocated server so the first thing I would suggest you check is that port 443 is forwarded from your router to the server, if necessary.
If the port is forwarded properly or the server is directly connected to the Internet and not through a router, your operating system firewall is probably blocking the port instead. To unblock it, run
sudo ufw allow https
Both the host server and the reverse proxy have Nginx Full allowed through. So port 443 is open.
It still looks closed here.
$ nmap joshakirby.com -p80,443
Starting Nmap 7.60 ( https://nmap.org ) at 2018-02-01 15:16 MST
Nmap scan report for joshakirby.com (188.8.131.52)
Host is up (0.11s latency).
rDNS record for 184.108.40.206: d67-193-215-88.home3.cgocable.net
PORT STATE SERVICE
80/tcp open http
443/tcp filtered https
Nmap done: 1 IP address (1 host up) scanned in 8.69 seconds
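The difference between the `open` and `filtered` states in the scan above can be reproduced with a plain TCP connect, shown here as an added example that is not part of the original thread. The names `probe` and `diagnose` are hypothetical, and the mapping from results to likely causes is a troubleshooting hint based on the checks suggested in this thread, not a certainty.

```python
import socket
import sys

def probe(host, port, timeout=3.0):
    """Classify one TCP port using the same three states nmap reports.

    open     - handshake completed: something is listening
    closed   - the host answered with a reset: reachable, but no listener
    filtered - no usable answer: a firewall or router dropped the packet
    """
    addr = socket.gethostbyname(host)  # DNS failures propagate to the caller
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((addr, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except OSError:  # includes timeouts and ICMP unreachable errors
        return "filtered"
    finally:
        sock.close()

def diagnose(on_server, from_outside):
    """Combine a probe of 127.0.0.1 on the server with one from another network."""
    if on_server != "open":
        return "not listening locally: check the nginx server block for this port"
    if from_outside == "open":
        return "reachable end to end"
    if from_outside == "closed":
        return "refused upstream: check which machine the router forwards to"
    return "dropped in transit: check host firewall and router port forwarding"

if __name__ == "__main__":
    # Usage: python3 portcheck.py <host> [port ...]; defaults match the scan above.
    host = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    ports = [int(p) for p in sys.argv[2:]] or [80, 443]
    for port in ports:
        print(f"{port}/tcp {probe(host, port)}")
```

Run it once on the server against 127.0.0.1 and once from a machine on a different network against the public name, then pass the two results for port 443 to `diagnose`.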
Is that up to date within the hour? Because I went and changed it after you said there was an issue with it.
Yes, that was run just a few minutes before I posted. I just ran it again with the same result.
I’m confused now because it is open: sudo ufw status shows Nginx Full there for IPv4 and IPv6.
I have tried to restart this whole ****up and it is not going well. Nginx is messed up. I will reinstall and try again.
Okay, I have installed the reverse proxy and am back to where I should be before SSL certs. Is there a guide for Let’s Encrypt with the new method you know of for multiple sites/subdomains on the same install?
If you are using certbot 0.21.0 or later (you can check with certbot --version) you can just run:
sudo certbot --nginx
and it will read your nginx configuration and prompt you to get certificates for all your domains.
If you are using an older version of certbot, such as the one currently shipped by Ubuntu, due to a security issue that command won’t work, and you will need to run a slightly different command that will ask more questions:
sudo certbot --authenticator webroot --installer nginx