My domain is:
My web server is : nginx 1.18.0
The operating system my web server runs on is : ubuntu 20.04 Server
My hosting provider, if applicable, is: OVH
I can login to a root shell on my machine : yes
The version of my client is: certbot 1.11.0

hello, i tried to run a server but the browsers give me an error.
chrome / edge (yes I did): ERR_SSL_PROTOCOL_ERROR
I have browsed the net but without success.
Here is the config file of my nginx:

*server {
listen 80;

    location / {
            return 301$request_uri;


#rediriger la version https://WWW.$url en https://$url
server {
listen 443 default_server ssl;

    #la protocole ssl
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;

    #redireton en version sans WWW
    location : {
            return 301$request_uri;



#le bloc finale.
server {
listen 443 ssl;
listen [::]:443 ssl;


    root /var/www/haristocrate/test;
    index index.html;

    error_log /var/log/nginx/ notice;
    access_log off;

#~ interdire tout les fichier commencant par un point
location ~ /. { deny all; }

    #ssl on;
    ssl_certificate /etc/letsencrypt/live/;
    ssl_certificate_key /etc/letsencrypt/live/;

    ssl_stapling on;
    ssl_stapling_verify on;
    #ssl_trusted_certficate /etc/letsencrypt/live/;

    #session Tikets
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_session_cache shared:SSL:100m;
    ssl_session_ticket_key /etc/nginx/ssl/ticket.key;
    ssl_dhparam /etc/nginx/ssl/dhparam4.pem;

    #ECDH Curve
    ssl_ecdh_curve secp384r1;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

I would like to clarify that before the server was running on apache and on another machine and the certificate worked very well.
now I would like to switch to Nginx and to another machine (the other is dead) so I generate another certificate, can this be a problem?
the new server has a different local address from the old one but the same public address.

can someone help me please?

1 Like

Hi @rudra.raw

that error says: Your port 443 is a http port, not a https port.

There you see it:

D:\temp>download -h
Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Fri, 22 Jan 2021 10:33:12 GMT
Server: nginx/1.18.0 (Ubuntu)

Status: 301 MovedPermanently

http + port 443 sends a correct http answer, should be an error message.

So your configuration is buggy or you have a wrong port forwarding port 443 extern -> port 80 intern. What says

nginx -T

Now your https + non-www

works :+1:


hello JuergenAuer, thank you very much for your prompt feedback, which is also the solution to my problem.
in fact I had to use a rule on my router by listing the ports separated by a comma.
the router must have thought that the two ports are the same.
I made two separate rules and it works.

thank you once again.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.