28

Runnning NGINX SSL and the browser continues to timeout.

Here is my NGINX conf file:

worker_processes  4;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
    worker_connections 1024;
    use epoll;
}

http {
    proxy_next_upstream error;
    charset utf-8;
    include mime.types;
    default_type application/octet-stream;
    access_log /var/log/nginx/access.log;
    keepalive_timeout 65;
    keepalive_requests 0;
    proxy_read_timeout 200;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    gzip on;
    gzip_min_length 1000;
    gzip_proxied any;
    gzip_types text/plain text/css text/xml
               application/x-javascript application/xml
               application/atom+xml text/javascript;
    server{
            ### WEB Address ###
        server_name mydomain.com;


            ### SSL log files ###
            access_log /var/log/nginx/ssl-access.log;
    error_log /var/log/nginx/ssl-error.log;
    listen 443;

            ### SSL Certificates ###
    ssl on;
    ssl_certificate /etc/nginx/unified.crt;
    ssl_certificate_key /etc/nginx/ssl.key;
    keepalive_timeout    60;

            ### PROXY TO TORNADO ###
            location / {
        proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://127.0.0.1:8889;
        }
  }
}

The SSL access log and error log is blank.

I've tried restarting NGINX a couple of times. As a side note commenting out SSL and setting listen to 80 works for non-SSL connections.

Any help would be great?

Improve this question

4 Answers 4

Reset to default
77

Maybe 443 port is closed on your server? Check this with http://www.yougetsignal.com/tools/open-ports/

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

I never though that this is going to be the problem you don't know how much happiness you brought to me. Thank you so much.
Thanks, helped me too :) with Let's Encrypt certificate.
Mate..you saved me :)
Thanks a lot for this, I checked and my port 443 is closed. How did you opened it to solved this?
I had the porn open from inside lightsail but had to open it from console as well
10

I agree with Klen´s answer, and I would add more.

First, go and check that your port 443 is open in http://www.yougetsignal.com/tools/open-ports/

If it´s closed, go to your aws console, select your instance and go to description -> security groups -> launch_wizard-1

enter image description here

Then click on edit -> Add Rule

Select HTTPS from the options and you should see this

enter image description here

Improve this answer

Comments

5

There are several things to check out

#1: Check if https is allowed in your ubuntu server

sudo ufw allow https && sudo ufw enable

#2: Check if port 443 is opened

Improve this answer

Comments

0

First i checked what is listening on port 443 by this command:

lsof -iTCP -sTCP:LISTEN -P

I saw nginx which was correct Then i checked whether the 443 is opened by the tool mentioned by klen (http://www.yougetsignal.com/tools/open-ports/) Port 443 was closed so I had to run

iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT

to open port 443

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.