0

Problem: The https://192.168.0.4/ page is not loading and returns (on firefox):

Secure Connection Failed
An error occurred during a connection to 192.168.0.4. PR_END_OF_FILE_ERROR
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
Please contact the website owners to inform them of this problem.

While nginx still listens on port 80 (not port 443, as it should according to the configuration)

What I would like to do is reverse https nginx proxy for another http server, but now I just wanted to test out my certificates. I think that it's everything alright with the key/certificate pair, I've created them by:

$ sudo openssl genpkey -out fd.key \
-algorithm RSA \
-pkeyopt rsa_keygen_bits:2048 \
-aes-128-cbc

and then

$ sudo openssl req -new -x509 -days 365 -key server.key -out server.crt

I've left . (dot sign) in the fields during key/cert generation.

So I modified "default" site config file in /etc/nginx/available-sites like that:

server {
    #listen 80 default_server;
    #listen [::]:80 default_server;'
    
    # SSL configuration
    listen 9443 ssl default_server;
    listen [::]:9443 ssl default_server;
    ssl_certificate /etc/nginx/certs/server.crt;
    ssl_certificate_key /etc/nginx/certs/server.key;
    gzip off;
    
    root /var/www/html;

    location / { 
        #First attempt to serve request as file, then
        # as directory, then fall back to displaying a 404.        
        # try_files $uri $uri/ =404;    
     }

(A lot of other code commented and not related to this case)

xyz@OV:/etc/nginx/sites-available$ sudo nginx -t      
            nginx: the configuration file /etc/nginx/nginx.conf syntax is ok    
            nginx: configuration file /etc/nginx/nginx.conf test is successful

So it looks everything alright in this config. After making changes in config I always do sudo systemctl restart nginx.service.

On this configuration loaded, when I issue the 'sudo ss -tupln' command it outputs:

Netid  State   Recv-Q  Send-Q    Local Address:Port    Peer Address:Port    Process
tcp   LISTEN    0       511       0.0.0.0:80             0.0.0.0:*            users:(("nginx",pid=1727043,fd=6),("nginx",pid=1727042,fd=6),("nginx",pid=1727041,fd=6))
larsks
  • 43,623
  • 14
  • 121
  • 180
Szymon Starzyński
  • 1
  • 2

1 Answers1

0

Okay, now I've noticed, that config files in sites-available and their symlinks in sites-enabled just doesn't work. I've put the config file in conf.d directory and now it does the job!

BTW - why is that, and what may be the reason that the sites-* folders seem not working..?

Szymon Starzyński
  • 1
  • 2