actually i had setup my ubuntu server with vesta cp (apache with nginx proxy). i installed letsencrypt and it installed successfully. the problem is ssl works only with vestacp admin panel on port 8083. other than that document root (public_html) never works. I tried all possible fixes googling and it never worked. i checked everything. port 443 is open. but still not loading.
the error i get in firefox is : **"Secure Connection Failed, The connection to ******.com was interrupted while the page was loading. The page you are trying to view cannot be shown because the authenticity of the received data could not be verified."**
none of my firewall configuration blocking it. i have removed and reinstalled letsencrypt certificates using certbot successfully but the same thing happens again.
there are two files created by vestacp for nginx config. one is for normal http "nginx.conf" and another one is for https "snginx.conf"
my nginx.conf has the following codes:
Code: Select all
server {
listen 192.168.1.2:443;
ssl on;
server_name xxxxxxx.com www.xxxxxxx.com;
ssl_certificate /home/admin/conf/web/ssl.xxxxxxx.com.pem;
ssl_certificate_key /home/admin/conf/web/ssl.xxxxxxx.com.key;
error_log /var/log/apache2/domains/xxxxxxx.com.error.log error;
### Add SSL specific settings here ###
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 60;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
location / {
proxy_pass https://192.168.1.2:8443;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv|mov|mpeg|mpg|wmv|exe|iso|dmg|swf)$ {
root /home/admin/web/xxxxxxx.com/public_html;
access_log /var/log/apache2/domains/xxxxxxx.com.log combined;
access_log /var/log/apache2/domains/xxxxxxx.com.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias /home/admin/web/xxxxxxx.com/document_errors/;
}
location @fallback {
proxy_pass https://192.168.1.2:8443;
}
location ~ /\.ht {return 404;}
location ~ /\.svn/ {return 404;}
location ~ /\.git/ {return 404;}
location ~ /\.hg/ {return 404;}
location ~ /\.bzr/ {return 404;}
include /home/admin/conf/web/snginx.xxxxxxx.com.conf*;
}
the only modification i made here was code in "### Add SSL specific settings here ###"
.i checked nginx config and restarted it was ok. but still not working.
there are two files created by vestacp for apache config. one is for normal http "apache2.conf" and another one is forhttps "sapache2.conf"
my sapache2.conf file has following code in it
Code: Select all
<VirtualHost 192.168.1.2:8443>
ServerName xxxxxxx.com
ServerAlias www.xxxxxxx.com
ServerAdmin [email protected]
DocumentRoot /home/admin/web/xxxxxxx.com/public_html
ScriptAlias /cgi-bin/ /home/admin/web/xxxxxxx.com/cgi-bin/
Alias /vstats/ /home/admin/web/xxxxxxx.com/stats/
Alias /error/ /home/admin/web/xxxxxxx.com/document_errors/
SuexecUserGroup admin admin
CustomLog /var/log/apache2/domains/xxxxxxx.com.bytes bytes
CustomLog /var/log/apache2/domains/xxxxxxx.com.log combined
ErrorLog /var/log/apache2/domains/xxxxxxx.com.error.log
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /home/admin/conf/web/ssl.xxxxxxx.com.crt
SSLCertificateKeyFile /home/admin/conf/web/ssl.xxxxxxx.com.key
SSLCertificateChainFile /home/admin/conf/web/ssl.xxxxxxx.com.ca
<Directory /home/admin/web/xxxxxxx.com/public_html>
AllowOverride All
SSLRequireSSL
Options +Includes -Indexes +ExecCGI
php_admin_value open_basedir /home/admin/web/xxxxxxx.com/public_html:/home/admin/tmp
php_admin_value upload_tmp_dir /home/admin/tmp
php_admin_value session.save_path /home/admin/tmp
</Directory>
<Directory /home/admin/web/xxxxxxx.com/stats>
AllowOverride All
</Directory>
<IfModule mod_ruid2.c>
RMode config
RUidGid admin admin
RGroups www-data
</IfModule>
<IfModule itk.c>
AssignUserID admin admin
</IfModule>
IncludeOptional /home/admin/conf/web/sapache2.xxxxxxx.com.conf*
</VirtualHost>
i tried reloading and restarting apache and nginx. it runs ok but https only works on port 8083, vestacp admin panel. i tried disabling firewalls and checked. the result is same.
all i can see is in chrome it reloads several times like establishing secure connection, connecting and finaly error follows after few seconds. in firefox, error as said above.
i checked by placing a dummy index.html in my home directory (moving wordpress index.php). but same error comes.
please help me. i am cracking my head here..