Website times out after running certbot

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: portcitydata.com

I ran this command: sudo certbot --nginx

It produced this output: succeeded

My web server is (include version): nginx version: nginx/1.14.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 18.04.2 LTS

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 0.23.0

I just created a static website page using nginx and then encrypted with Certbot it completed successfully and updated the Host file as expected (file below). However, now when I try the site it times out.

unifiadmin@unify:~$ cat /etc/nginx/sites-available/portcitydata.com
server {

    root /var/www/html/portcitydata;
    index index.html index.htm index.nginx-debian.html;

    server_name portcitydata.com;

    location / {
            try_files $uri $uri/ =404;
    }


listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/portcitydata.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/portcitydata.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = portcitydata.com) {
return 301 https://$host$request_uri;
} # managed by Certbot

    listen 80;
    listen [::]:80;

    server_name portcitydata.com;
return 404; # managed by Certbot

}

Check your Digital Ocean firewall for your droplet, you need to allow TCP port 443.

Same with your local firewall on your droplet, if any. For example, if you have ufw installed as your firewall:

ufw allow https
1 Like

Thanks _az!
I had added the rule https in both the ufw and Digital Ocean firewall:crazy. However, apparently I had an acute case of numeric dyslexia. I had opened port 433 in the DO firewall…

So that was it. :crazy_face:

Thanks again.

2 Likes