Very very similar to issue here, but the solutions posted did not work for me.
I am using nginx as a reverse proxy on my home network in order to host a couple of websites. I have been using Cloudflare to manage my domain for a while, and am trying to get an nginx SSL setup for one of the things I am trying to host that requires https.
Like the linked post, DNS resolution works fine over just http.
I also did:
- Used
certbox --nginx -d subdomain.example.com -d www.subdomain.example.comto get the certs wheresubdomain.example.comis replaced with my domain. sudo nginx -tsudo nginx -s reload
I do not have a ufw firewall.
My nginx config looks like this:
server { listen 443 ssl; listen [::]:443 ssl; server_name subdomain.example.com www.subdomain.example.com; location / { proxy_pass http://192.168.0.103:5006; include proxy_params; } ssl_certificate /etc/letsencrypt/live/subdomain.example.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/subdomain.example.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot}server { if ($host = www.subdomain.example.com) { return 301 https://$host$request_uri; } # managed by Certbot if ($host = subdomain.example.com) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name subdomain.example.com www.subdomain.example.com; return 404; # managed by Certbot}When I go to another site (over http) that is on my reverse proxy, it works still, so I think my setup for the reverse proxy has not been messed up beyond the certs. When I try to go to subdomain.example.com, the connection just times out.
I have tried both enabling and disabling the traffic proxy on Cloudflare DNS, it did not seem to change anything (maybe it takes a while for the changes to take effect?). I also tried switching the Cloudflare SSL setting from Flexible -> Full, which also did not seem to change anything.
I am very new to setting up networks like this so it is highly likely that I missed something. Thoughts?