Website only accessible from home network


#1

Hi,

Yesterday I installed (from home network with cerbot) successfully a letencrypt cert (with a common guide) on my vserver for a sub domain (felt proud).
Today I wanted to access it from my office or mobile network and just get:

Browser:
Secure Connection Failed

Curl:

  • Server aborted the SSL handshake
  • Closing connection 0
    curl: (35) Server aborted the SSL handshake

When I’m back in my home network it works perfectly. Also e.g. from my mobile phone (wifi).

How can that be??

Thanks for you help.


#2

Hi @551,

Maybe your office has a firewall that restricts what sites you can visit?


#3

I don’t think this is the problem. I have the same problem when I switch off wifi on my phone.


#4

I thought you were saying above that it works on your phone, but maybe I understood the opposite of what you meant to say.

Would you like to tell us the domain name?


#5

Please don’t mind that I don’t want to make my domain public without being sure it’s save yet.
Mentioning the phone was just to make clear that it’s not browser or device related. Just being in a different network than the network from were I did the cert installation (via ssh) makes the handshake fail.

It’s strange that when I right now run https://www.ssllabs.com/ssltest/analyze.html I get A+
Just few Handshake Simulations are failing; DNS CAA: no; DST Root CA X3: Self-signed; SSL2 and SSL3: no (some conspicious results)


#6

hi @551

This is the point where you have to make a decision

A) Keep all information to yourself and troubleshoot yourself
B) Share the information required (domain name) and let people assist

It’s unfair to ask people for help without providing the information needed to assist you.

There are several reasons why you may be getting the error and you have not provided a good enough explanation for people to assist.

Andrei


#7

Hi I found the problem.

My config was like:

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ...
}

Then I tried it with my concrete IP and it worked:

    server {
        listen 123.123.123.123:443 ssl;
        #listen [::]:443 ssl;
        ...
    }

But I don’t know why this made the differnce now.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.