I'm trying to add ssl to my website hosted on my VPS (Ubuntu 20). I do not have any skill nginx (v 1.18.0) and I just followed tutorials to add ssl to my website by helping letsEncrypt and certbot.
Here I have some problems:
- I followed this tutorial and in it's 3rd part I only used
sudo certbot --nginx -d example.com
because I faced error insudo certbot --nginx -d www.example.com
. So I decided to just add example.com and forward every request from www.appsazz.ir to appsazz.ir in nginx. Now certbot generated a file inside /etc/nginx/conf.d with the name www.appsazz.ir.conf.It's configuration did't resolved my problem I tryed to changed it a little. Here is the file configurations:
server {
if ($host = appsazz.ir){
return 301 https://$host$request_uri;
}
if ($scheme != "https"){
return 301 https://$host$request_uri;
}
}
server {
listen 80;
listen [::]:80;
root /var/www/venus;
server_name appsazz.ir www.appsazz.ir;
# managed by Certbot
listen 443 ssl default_server;
ssl_certificate /etc/letsencrypt/live/appsazz.ir/fullchain.pem; #managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/appsazz.ir/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
nginx -t
response seems to be ok:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
why when I request from browser to appsazz.ir it still loads with not secure?
- when I request on www.appsazz.ir Chrome responds with ERR_INTERNET_DISCONNECTED error
CodePudding user response:
Your setup is correct and appsazz.ir
is loading with https://
on the browser. I can also see the ssl certificate issued using let's encrypt
. However www.appsazz.ir
isn't configured properly in your DNS provider. A quick nslookup www.appsazz.ir
is showing this:
Server: 1.1.1.1
Address: 1.1.1.1#53
** server can't find www.appsazz.ir: NXDOMAIN
Please configure the subdomain www
to point to a valid IP or endpoint and it should work. In your case. appsazz.ir
points to IP 188.121.122.161
, I guess www.appsazz.ir
should be pointing to the same.