Is your hosting environment one where the hosting provider/account also has a firewall or allowed ports policy? In this case, does your DigitalOcean account have its own settings about what ports are permitted?
I would try:
openssl s_client -connect 127.0.0.1:443
and see which certificate it serves and which name is on that cert.
That may point you to where the web service is getting is config.
CONNECTED(00000003)
140540574877344:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 275 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1499309557
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
well then…
You may have to begin at the beginning.
nginx.conf
follow every include
review each line for possible typing errors:
like *.443, www-domain.tld
something doesn’t add up:
this shows nginx is listening on 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 21905/nginx
and this output showed no ciphers available:
openssl s_client -connect 127.0.0.1:443
I appreciate all the help I’ve had. I’m off to bed, but will be back tomorrow after beginning at the beginning! I will keep you updated if I work out whats going on. If I still can’t get it to work I might buy another droplet and start a server from scratch as I’ve spent and enormous amount of time trying to solve this.
I began looking at nginx.conf and worked my way through all the includes. Everything looks fine, but it is not working. I have given up on getting this to work on that server and will try on a clean installation.
Thank you all.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.