UPDATE: Ok @JuergenAuer, I think I’ve realized the problem is likely with the Key/Cert Pair. I have updated my Nginx CONF file as follows:
server {
listen 80; listen [::]:80;
server_name boards.epochgames.co.uk;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server {
# The IP that you forwarded in your router (nginx proxy)
listen 443 ssl http2; listen [::]:443 ssl http2;
# Make site accessible from http://localhost/
server_name boards.epochgames.co.uk;
root /home/lighttpd/http;
# SSL config
# ssl on;
ssl_certificate /etc/nginx/ssl/0000_csr-certbot.pem;
ssl_certificate_key /etc/nginx/ssl/0000_key-certbot.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# include /etc/nginx/snippets/ssl.conf;
# The internal IP of the VM that hosts your Apache config
set $upstream 192.168.0.104:2045/;
location / {
# proxy_pass_header Authorization;
proxy_pass http://$upstream;
proxy_set_header Host $host;
proxy_set_header X-Forward-Proto $scheme; #X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
# proxy_set_header Connection "";
# proxy_buffering off;
# client_max_body_size 0;
# proxy_read_timeout 36000s;
proxy_redirect http://$upstream https://boards.epochgames.co.uk/;
}
}
When I run nginx -t I receive the following:
nginx: [emerg] PEM_read_bio_X509_AUX("/etc/nginx/ssl/0000_csr-certbot.pem") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE) nginx: configuration file /etc/nginx/nginx.conf test failed
I don’t think I’m generating the Key/Cert pair properly. @JuergenAuer would you mind explaining how I would go about generating a proper Let’s Encrypt Key/Cert pair? And would I do it on the Discourse VM or on the Nginx VM?