SSL not working while I put only domain name

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=htcertify.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: htcertify.com

I ran this command:

It produced this output:

My web server is (include version): Nginx, Ubuntu 18

The operating system my web server runs on is (include version): Ubuntu

My hosting provider, if applicable, is: AWS

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

N.T: I have successfully installed SSL, but when I put only domain name (htcertify.com), it showing error. Also if I give www.htcertify.com, its showing the same issue (ERR_CONNECTION_TIMED_OUT). Only if I put https://htcertify.com, then my site is appearing. I know I made some mistakes but can identify that. Please help me.

1 Like

Check your EC2 security group. You need to have TCP port 80 open, as well as 443. If it’s not your security group, check whether it’s a firewall on the Ubuntu server (i.e. ufw status).

Once that is fixed, you’ll also want to re-issue your certificate in order to also include the ‘www’ subdomain on it.

With Certbot, this would be done by e.g.:

-d htcertify.com -d www.htcertify.com
2 Likes

Thanks for your reply. I have enabled ufw and my status is
Status: active

To                         Action      From
--                         ------      ----
Nginx Full                 ALLOW       Anywhere
80/tcp                     ALLOW       Anywhere
443/tcp                    ALLOW       Anywhere
Nginx Full (v6)            ALLOW       Anywhere (v6)
80/tcp (v6)                ALLOW       Anywhere (v6)
443/tcp (v6)               ALLOW       Anywhere (v6)

But still I’m facing same issue. You have told me to re-issue the cert using certbot. I have used --standalone is this okay?

1 Like

Well, I still can’t connect on port 80 to your server. Did you check the security group as well?

Is nginx listening on 80 at all?

sudo ss -tlnp | grep nginx
1 Like

I have still doubt that my nginx server is listening 80 or not. Actually i’m new in ubuntu. I have executed ur command that you gave me. the result is:

LISTEN   0         128                 0.0.0.0:80               0.0.0.0:*        users:(("nginx",pid=29788,fd=8),("ngin ",pid=29783,fd=8))
LISTEN   0         128                 0.0.0.0:443              0.0.0.0:*        users:(("nginx",pid=29788,fd=10),("nginx",pid=29783,fd=10))
LISTEN   0         128                    [::]:80                  [::]:*        users:(("nginx",pid=29788,fd=9),("ngin ",pid=29783,fd=9))
1 Like

Yes, it’s for sure listening on port 80.

This still looks like a firewall issue to me. But if you say that your EC2 Security Group already allows port 80, then I dunno.

What is the actual listen line in nginx?

grrep -Ri "listen " /etc/nginx

Edit: have you checked the security group in your AWS console? I notice you haven’t answered the few times I have asked.

1 Like

Thanks for your help dear. It was not allowed in my Security group. I have allowed it and now its working. Thanks buddy.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.