Unable to get https certificate for openhab2

I am getting this output


Please show both:
more /etc/nginx/sites-enabled/https.conf
more /etc/nginx/sites-available/https.conf

and
ls -l /etc/nginx/sites-enabled/


OR we can just add directly to the /etc/nginx/nginx.conf file.


Please delete both files:
rm /etc/nginx/sites-enabled/https.conf
rm /etc/nginx/sites-available/https.conf

and create one at:
/etc/nginx/sites-enabled/https.conf
with:
https.txt (669 Bytes)


After following the above steps, I am getting the below error,


Hi @_DJ

this is normal. Because ( https://check-your-website.server-daten.de/?q=veplopenhab.ga ):

| Host | T | IP-Address | is auth. | ∑ Queries | ∑ Timeout |
|---|---|---|---|---|---|
| veplopenhab.ga | A | 10.1.68.206 | yes | 1 | 0 |
| www.veplopenhab.ga | | Name Error | yes | 1 | 0 |

With the result Grade Y:

| Y | veplopenhab.ga |
|---|---|
| 10.1.68.206 | warning: Private ip address found: 10.0.0.0 to 10.255.255.255: Class A - one private net with 16.777.216 adresses |

You use a private ip address. That works only in a local environment.

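Why the private A record blocks issuance: any validation that requires the CA to connect to the host (such as HTTP-01) goes to the address the name resolves to, and a public CA cannot reach 10.x.x.x. The following pre-flight check is an added example, not part of the thread; the function names are hypothetical and the input is constructed to mirror the DNS table above.

```python
import ipaddress

# RFC 6598 shared address space; Python's is_private does not cover it.
CGNAT = ipaddress.ip_network("100.64.0.0/10")

def unreachable_reason(addr):
    """Return why a public validation server cannot connect to addr,
    or None if the address is globally routable."""
    ip = ipaddress.ip_address(addr)
    # Order matters: is_private is also True for loopback and link-local.
    if ip.is_loopback:
        return "loopback"
    if ip.is_link_local:
        return "link-local"
    if ip.version == 4 and ip in CGNAT:
        return "carrier-grade NAT (RFC 6598)"
    if ip.is_private:
        return "private"
    if not ip.is_global:
        return "reserved / not globally routable"
    return None

def preflight(answers):
    """answers maps hostname -> list of resolved addresses
    (empty list = the name does not resolve). Returns hostname -> verdict."""
    report = {}
    for host, addrs in answers.items():
        if not addrs:
            report[host] = "FAIL: name does not resolve"
            continue
        bad = [(a, unreachable_reason(a)) for a in addrs]
        bad = [(a, why) for a, why in bad if why]
        if bad:
            report[host] = "FAIL: " + ", ".join(f"{a} is {why}" for a, why in bad)
        else:
            report[host] = "OK"
    return report

# Constructed sample mirroring the two rows of the DNS table in the post.
SAMPLE = {
    "veplopenhab.ga": ["10.1.68.206"],
    "www.veplopenhab.ga": [],
}

if __name__ == "__main__":
    for host, verdict in preflight(SAMPLE).items():
        print(f"{host}: {verdict}")
```

A host that fails this check can still obtain a certificate through DNS-01 validation, which needs no inbound connection to the server.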

Yes… It is showing my machine IP, like 10.xx.xx.xx


Please show (again):
netstat -pant | grep -i nginx


We need to get nginx on port 4443.


OK… We need to use port 4443 for nginx instead of 80.


Please modify the file:
/etc/apache2/sites-enabled/000-default.conf

and add this at the end of it:

So it will have 80 and 4443.


It needs to change like this,

<VirtualHost *:80>

as

<VirtualHost *:4443>


No, the one file can have both:

<VirtualHost *:80>
…text
</VirtualHost>

<VirtualHost *:4443>
…text
</VirtualHost>

I have modified it like this:

<VirtualHost *:4443>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =veplopenhab.ga
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet


This is not a good modification.
Now that 4443 vhost config block is missing many things.
It will not work properly.
At best, it will only do http on port 4443 (and not proxy to 8443).


Make it look like this:

<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/html

        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =veplopenhab.ga
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:4443>
server {
  listen 4443 ssl;
  server_name veplopenhab.ga;

  ssl_certificate /etc/letsencrypt/live/veplopenhab.ga-0001/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/veplopenhab.ga-0001/privkey.pem;

#  error_log	/location/to/error.log.file

  location / {
   proxy_pass https://localhost:8443/;
   proxy_set_header Host $http_host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   satisfy any;
   allow 10.0.0.0/8; # ONLY Internal network has access
   allow 127.0.0.1;
   deny all;
  }
 }
</VirtualHost>

Sorry, I missed adding your previous changes which you gave for the proxy. I will try your new changes.
