Home > Blockchain >  ssl with certbot and nginx on ubuntu
ssl with certbot and nginx on ubuntu

Time:09-27

I'm trying to add ssl to my website hosted on my VPS (Ubuntu 20). I do not have any skill nginx (v 1.18.0) and I just followed tutorials to add ssl to my website by helping letsEncrypt and certbot.

Here I have some problems:

  1. I followed this tutorial and in it's 3rd part I only used sudo certbot --nginx -d example.com because I faced error in sudo certbot --nginx -d www.example.com. So I decided to just add example.com and forward every request from www.appsazz.ir to appsazz.ir in nginx. Now certbot generated a file inside /etc/nginx/conf.d with the name www.appsazz.ir.conf.It's configuration did't resolved my problem I tryed to changed it a little. Here is the file configurations:
server {
        if ($host = appsazz.ir){
                return 301 https://$host$request_uri;
        }
        if ($scheme != "https"){
                return 301 https://$host$request_uri;
        }
}
server {

    listen 80;
    listen [::]:80;
    root /var/www/venus;
    server_name  appsazz.ir www.appsazz.ir;

    # managed by Certbot
    listen 443 ssl default_server;
    ssl_certificate /etc/letsencrypt/live/appsazz.ir/fullchain.pem; #managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/appsazz.ir/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

nginx -t response seems to be ok:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok

nginx: configuration file /etc/nginx/nginx.conf test is successful

why when I request from browser to appsazz.ir it still loads with not secure?

  1. when I request on www.appsazz.ir Chrome responds with ERR_INTERNET_DISCONNECTED error

CodePudding user response:

Your setup is correct and appsazz.ir is loading with https:// on the browser. I can also see the ssl certificate issued using let's encrypt. However www.appsazz.ir isn't configured properly in your DNS provider. A quick nslookup www.appsazz.ir is showing this:

Server:     1.1.1.1
Address:    1.1.1.1#53

** server can't find www.appsazz.ir: NXDOMAIN

Please configure the subdomain www to point to a valid IP or endpoint and it should work. In your case. appsazz.ir points to IP 188.121.122.161, I guess www.appsazz.ir should be pointing to the same.

  • Related