I've installed a new SSL certificate and set up Nginx to use it. But requests time out when trying to hit HTTPS on the site. When I telnet to my domain on port 80 it connects, but times out on port 443. I'm not sure if there's some defaults on Ubuntu preventing a connection. cURL also times out to the HTTPS address but responds to regular HTTP.
UFW status shows:
443 ALLOW Anywhere
netstat -a shows:
tcp 0 0 *:https *:* LISTEN
nmap localhost shows:
443/tcp open https
The relevant block in the Nginx config is:
server {
listen 443;
listen [::]:80 ipv6only=on;
listen 80;
root /path/to/app;
server_name mydomain.com
ssl on;
ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location / {
proxy_pass http://mydomain.com;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Edit: having tried a whole range of nginx configuration options, I'm really doubting it's the setup. If the ssl-bundle.crt is screwed up, would it cause the time out to happen? If so I can revert to PositiveSSL for support.
Best Answer
Try this:
(remove
ssl on;, addssltolisten 443;)