Letsencrypt behind nginx reverse proxy


#1

Hi,

I have problems with letsencrypt behind nginx reverse proxy. i have a server with one public ip. on the server are more linux containers (virtual). on the root machine is a nginx server, there i created a reverse proxy to the server with letsencrypt (scroll down for nginx config). if i run letsencrypt on the machin behind the nginx proxy it connect to acme-v01.api.letsencrypt.org. but i have the following error:

Failed to connect to host for DVSNI challenge
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you’re using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.

the dns config is correct. because in the nginx log i have this error in the access log:

access.log:
66.133.109.36 - - [17/Mar/2016:22:25:10 +0100] “\x16\x03\x01\x00\xD2\x01\x00\x00\xCE\x03\x03d\xD1ya}$\xECo\x7Fl\x16\x07@\x9A\xD4[\xF7\xF9\xB0,\x95\x14\x85\x02N5\xE8OF\xF4\xFA\xB3\x00\x00\x18\xC0/\xC0+\xC00\xC0,\xC0\x13\xC0\x09\xC0\x14\xC0” 400 166 “-” “-” “-”

error.log:
2016/03/17 22:25:10 [info] 24301#24301: *1 client sent invalid method while reading client request line, client: 66.133.109.36, server: domain, request: “^V^C^A^@^A^@^@^C^Cdya}$o^?l^V^G@<9A>[,<95>^T<85>^BN5OF^@^@^X/+0,^S ^T”

NGINX Conf:

server {
listen 443;

    server_name domain.name

    location / {

    proxy_set_header   X-Real-IP $remote_addr;
    proxy_set_header   Host      $http_host;
    proxy_pass         http://192.168.1.5:80;

    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    }

}

can anybody can help me please?? maybe there is a config problem !


#3

Can you post your real domain name? Without that it is much harder for people to help you.


#4

you can close this topic!


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.