Problem with Nginx

epalma · August 24, 2021, 4:46pm

My domain is: mio.sito.it

I ran this command: certbot --nginx -d mio.sito.it -v
It produced this output:
Domain: mio.sito.it
Type: connection
Detail: Fetching http://mio.sito.it/.well-known/acme-challenge/uKyGeaPSdt2vQbcRpN58zTGzi_mVFaAaHZJuxRnM-3E: Timeout during connect (likely firewall problem)

My web server is (include version): Nginx

The operating system my web server runs on is (include version): ubuntu 20.04

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.19.0.dev0

My DNS is well configured.
My reverse-proxy.conf is:

server {
        listen 80;

        access_log /var/log/nginx/reverse-access.log;
        error_log /var/log/nginx/reverse-error.log;

        root /var/www/html;

        location / {
                        try_files $uri $uri/ /index.html =404;
}

}

thanks in advice

rg305 · August 24, 2021, 4:55pm

Hi @epalma, welcome to the LE community forum

That vhost config has no server name.
And doesn't appear to be doing proxy action.

The problem seems to be with inbound HTTP:

You need a functional HTTP site before it can be secure (via HTTP authentication method).

epalma · August 25, 2021, 8:00am

Hi @rg305,
thanks for your help. The HTTP is ok the config file I've send is the last after many changes I've done.
The web server in HTTP (port 80) respond correctly.
The firewall is down. The web server IP is public and reachable from internet.

rg305 · August 25, 2021, 9:31am

I can't even resolve the name to an IP:
can't find mio.sito.it: Non-existent domain

epalma · August 25, 2021, 10:55am

excuse me @rg305 mio.sito.it is a placeholder, the real one is staging.nexsoft.it
that is up and running and I wish redirect to private IP where I have a site under construction.
If I remove the comment in the conf file the redirection works ok but in HTTP.

server {
        listen 80;

        access_log /var/log/nginx/reverse-access.log;
        error_log /var/log/nginx/reverse-error.log;

        root /usr/share/nginx/html;

        location / {
#                       proxy_pass https://192.168.2.249:44353;
#                       try_files $uri $uri/ /index.html =404;
}

}

rg305 · August 25, 2021, 11:03am

Then leave the try_files uncommented?!?!

I don't understand what you mean by that.
You said:

How is this related?

epalma · August 26, 2021, 1:51pm

Hi @rg305
I found my problem... i don't know why but the two network cards on my server had lost the setting "ip forwarding =1" and this was messing up ip packets with huge delays in responding to HTTP requests. Inside my LAN all seemed ok but outside I had HTTP problems.
Fixed to 1 ip forwording everything went ok without changing anything else. thank you very much for the time you have dedicated to me.

rg305 · August 26, 2021, 2:48pm

@epalma, I'm glad that you have resolved the problem
Cheers form Miami

#FreeCUBA

system · September 25, 2021, 2:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.