My subdomain stopped working after installation of SSL certificate

Help
1

My domain is bgspectrum.dedyn.io

After executing all the commands on Certbot Instructions | Certbot the console displayed a message stating that the certificate was installed. After that I tried going to my website using the subdomain and I took it about 30 seconds to load. It said it can`t access the website.

My web server is Nginx version 1.18.0

The operating system my web server runs on is Ubuntu 18.04

I can login to a root shell on my machine

I'm using the wordpress dashboard to manage my website.

When I execute certbot --version or certbot-auto --version the console shows an error. So I cant check the version of certbot.

So after installing the SSL certificate my subdomain stopped working. The browser says the session has timed out and it can`t access the website. But I can access the website when I type the IP address and hit Enter.

Is the installation of the certificate connected to my subdomain stopping working and if yes, could you tell me how I can fix it?

Thanks in advance,

Jeff.

1 Like
2

It looks like you are blocking access to port 443.

That port is used for default connections using HTTPS which should now work that you have a cert. And, if your server is configured to use it

2 Likes
3

Hi @Jeffrey12345, and welcome to the LE community forum :slight_smile:

It seems that [as instructed] certbot has updated the HTTP config to redirect to HTTPS:

curl -Ii http://bgspectrum.dedyn.io/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Sat, 16 Dec 2023 23:44:52 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://bgspectrum.dedyn.io/

The problem is that HTTPS [TCP port 443] is not working for your site.

curl -Ii https://bgspectrum.dedyn.io/
curl: (7) Failed to connect to bgspectrum.dedyn.io port 443 after 128 ms: No route to host
2 Likes
4

It's also possible that your router is not forwarding port 443 to the same internal IP as it forwards port 80.

1 Like
5

But I checked and port 443 is open

6

Not from my perspective

nmap -p22,25,80,443 bgspectrum.dedyn.io

PORT    STATE    SERVICE
22/tcp  open     ssh
25/tcp  filtered smtp
80/tcp  open     http
443/tcp filtered https

Are you trying from the public internet? Like a mobile phone with wifi disabled to use the carrier network?

And, blocked from here too
https://www.ssllabs.com/ssltest/analyze.html?d=bgspectrum.dedyn.io&hideResults=on

3 Likes
7

No I don`t

8

Using the online tool https://check-host.net/ checking from around the world
HTTP Port 80 - Permanent link to this check report yields "OK".
HTTPS Port 443 - Permanent link to this check report yields "Connection timed out".

2 Likes
9

Do you recognize this device

f-ed14-i.F.DE.NET.DTAG.DE

Because if I do a traceroute using port 443 it stops there. But, using port 80 I can reach your IP past this device.

Something in your network config for port 443 is wrong. How are you connected to the internet?

curl -i https://132.226.199.125
curl: (7) Failed to connect to 132.226.199.125 port 443 after 103 ms: No route to host

(but http to your IP works)
1 Like
10

I use a cable

11

Then maybe whatever that cable is plugged in to is blocking or not handling port 443

You should check that.

3 Likes
12

As a test, try allowing some other port and also use that port in your secure vhost config.
Like: 4443, 8443, etc.

2 Likes
13

???
Your ISP is a cable company?
You used an Ethernet cable?

3 Likes
14

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.