All Questions
1,220
questions
0
votes
0
answers
33
views
NGINX Multi Site * SSL Subdomains: Configuration file error : [emerg] duplicate listen options for 0.0.0.0:443
Currently in process of installing SSL on an NGINX, Ubuntu 22.04 Vultr server. I have two existing domains on the server. Setting up a wildcard SSL for an Wordpress Multi Site (Subdomain base) and am ...
- 1
-1
votes
1
answer
58
views
How can I authenticate the ownership of the server without opening port 80 in letsencrypt using nginx? [duplicate]
I am on nginx web server.
certbot --nginx -d domain_name
I'd do just this when port 80 used to be open. But a client doesn't know how to open port 80. So, I need alternatives.
0
votes
0
answers
47
views
TLS cipher suites ordering
I have nginx configured to use ssl_ciphers PROFILE=SYSTEM;.
And I have Alma Linux configured to use the DEFAULT crypto policy:
~$ update-crypto-policies --show
DEFAULT
From the RHEL 9 documentation:
...
- 161
-1
votes
1
answer
64
views
NGINX stream ssl_preread and vhost
I try to configure a vhost for my vdi (citrix) configuration. The conf makes me crazy! I must use ssl_preread to get working.
Actually, my configuration of NGINX is made over CWP. I have a subdmain ...
0
votes
0
answers
44
views
Ubuntu/Nginx server seems to be supplying non-existant SSL certificate
I had four websites configured on an Ubuntu 22.04 server using NginX.
There was a technical problem with the database connection that required me to move the four websites to a new server.
I moved ...
- 87
0
votes
1
answer
24
views
Laravel app routes not working when using domain name (fine with IP address) on AWS Lightsail
I am running a Laravel 10.x application on an Amazon Lightsail server here - 18.134.48.92
Currently when browsing to http://18.134.48.92/login I am correctly shown the login page (I am using Laravel ...
- 201
0
votes
1
answer
51
views
VM crash - can it be related to SSL errors?
I am not much into server configuration, and I need some help with a problem I am facing.
I have an Debian 11 machine with nginx 1.18.0.
It frequently crashes around 2:00 - 3:00 am.
By inspecting ...
- 173
0
votes
0
answers
87
views
why is docker not responding to apache2 port 443 proxpass but fine on port 80?
I have an Azure VM which has an apache2 running with the following configuration,
<VirtualHost *:80>
ServerName .com
ProxyRequests On
ProxyPass / http://127.0.0.1:...
0
votes
0
answers
40
views
Cerbot for both NGINX and Redis
I'm running ubuntu with both NGINX (443) and Redis (6379) ports exposed separately on the same machine,
I want them both to use TLS and for that I'm using Cerbot.
From time to time Cerbot ...
- 1
0
votes
1
answer
95
views
nginx does not forward traffic with TLS v1.1
Im using nginx 1.18.0 on an Ubuntu 22.04 server machine as a reverse proxy. Everything works fine except for one thing.
A client uses a desktop application, which sends https requests to a specific ...
- 1
0
votes
0
answers
52
views
Nginx rewrite proxy_pass SSL
So if I'm running proxy_pass with ssl but with no rewrites then everything work fine. Few lines from Nginx config:
location /v3 {
proxy_ssl_server_name on;
proxy_pass https://example....
- 101
0
votes
1
answer
39
views
What kind of certificate (signed by public authority) is needed for mTLS?
I have nginx setup with mTLS with manually created CA certificate in virtual host. For SSL we use Let's encrypt.
ssl_client_certificate /etc/ssl/ca.crt;
ssl_verify_client on;
I am able to connect to ...
- 151
0
votes
0
answers
72
views
IIS resets TLS handshake with nginx reverse proxy
I am using 2 synchronized IIS servers (as backend for failover) and an nginx reverse proxy (as frontend).
Both IIS servers have identical configuration and websites (due to sync). All websites are ...
- 1
0
votes
0
answers
437
views
mTLS with NGINX & Let's encrypt - 400 The SSL certificate error
I use nginx and let's encrypt. Server is running on server.io.
I need to setup mTLS and therefore I need client certificate as well.
I created another Let's encrypt certificate for client.io (I used ...
- 151
0
votes
0
answers
59
views
NGINX fails to connect to Nextcloud instance
I have a server running proxmox with 3 VMs: NGINX, Bitwarden and Nextcloud. Bitwarden works fine which proves that NGINX is working ok, however when NGINX tries to connect to Nextcloud it will result ...
0
votes
1
answer
290
views
Nginx as forward proxy for secure LDAP
I need help building a forward proxy for secure LDAP.
A client connects to a TCP proxy and request must be redirected to a secure LDAP at TCP 636.
[client]------->[localhost:636 Nginx-proxy]----TLS-...
- 135
0
votes
0
answers
48
views
Nginx - HTTPS SSL Issue with Certbot
I've setup HTTPS SSL with letsencrypt and certbot and the main domain was pointing to the the machine that is running my site, working fine etc. Until of course I tried setting up the SSL for HTTPS.
...
1
vote
1
answer
76
views
What steps can I take to troubleshoot why my server is not accessible over HTTPS after enabling SSL with Certbot?
I'm looking for assistance in diagnosing and resolving this issue. What steps can I take to troubleshoot why my server is not accessible over HTTPS after enabling SSL with Certbot? Are there any ...
- 13
0
votes
1
answer
29
views
Trying to run Security Onion on AWS behind an ALB (nginx behind ALB)
I've got a wildcard certificate for internal services. I'd like to run Security Onion behind an ALB so I can get valid SSL with a single certificate stored in certificate manager. (Storing it there is ...
- 775
0
votes
1
answer
90
views
Nginx returns different SSL certificates for one domain
Problem summary:
one nginx server
one domain with SSL certificate
when accessing the site from one network, nginx returns the correct current certificate (1), and when accessing from other networks - ...
1
vote
0
answers
2k
views
SSL_do_handshake() failed warning on nginx (error 0A000412)
I have a nginx server functioning as a reverse proxy. It is sat behind Cloudflare.
The website is functioning fine (there are no errors on the browser), but there are lots of warnings in the logs like ...
- 111
0
votes
1
answer
121
views
Moving from Apache2 to NGINX configuration
I have been trying to get my website up after moving from apache2 to nginx on my AWS Ubuntu 20.04 server. I have translated the relevant files from apache2 over to my nginx configuration, however I ...
- 3
0
votes
0
answers
311
views
"wildcard" ssl certificate for all domains pointing to nginx server
I have a nginx server with the following (simplified) server block:
server {
listen 80;
server_name _;
location / {
root /var/www/html;
index index.html;
}
}
Every ...
- 111
0
votes
1
answer
64
views
What are the DNS names and IP addresses used for a reverse proxy?
I have the same scenario described in this question. I have a client connecting to an nginx reverse proxy with multiple backend services and need to set up certificates.
...
- 1,078
0
votes
0
answers
35
views
nginx reverse proxy gateway not behaving with ssl
port 80 on the web server destination serer 192.168.0.43 works in every way: gateway and inside the lan. Perfect.
I have the certbot certs on the gateway 192.168.0.60 generating perfectly
the domain ...
- 123
0
votes
1
answer
666
views
nginx reverse proxy https to http
I have a Linux server, on which I created a public web app (as a test) accessible here: http://tropo.gps.caltech.edu:9384/jsserve
It works as intended. As you can see, it is served on port 9384 with ...
0
votes
0
answers
82
views
nginx ipv6 SSL server block responding to basic http port 80 connections
Running into an issue that I haven't seen before.
In my nginx config, I have a server block setup for a single subdomain that is only listening on port 443 (ssl).
However, when I test the connection ...
- 637
0
votes
1
answer
352
views
Unable to verify TLS cert with only CommonName in NGINX reverse proxy
I'm looking to create an NGINX reverse proxy to my WiFi router, and I'm looking to verify the connection. My router uses a self-signed certificate which lists the tplinkwifi.net domain as the Subject ...
- 101
0
votes
1
answer
387
views
Reusing client certificate for TLS proxy with nginx?
I have a TCP application that uses mutual TLS to authenticate connecting clients.
Because of increased traffic I'd like to clusterize the application and load-balance the nodes with nginx. I already ...
- 103
2
votes
1
answer
368
views
Nginx reverse proxy ssl: This page isn't redirecting properly
Okay, to start off with I'm new to all of this and still learning. I've got Nginx set up, and my standard reverse proxies work both inside of and outside my network. I've set up certbot and generated ...
- 41
1
vote
1
answer
82
views
Redirecting specific subdomain with NGINX to point to a different website while using SSL
I have the following NGINX configuration:
# HTTP Redirect
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
# ...
- 113
0
votes
2
answers
117
views
nginx as a web proxy with ssl
I have installed proxmox and am running a simple ubuntu server where I have installed nginx. How and where do I setup ssl? I only want to use nginx to forward location to another web server. Can I set ...
- 215
0
votes
1
answer
360
views
Nextcloud Web App hosted on Nginx has incredible slow TLS handshake
I’m self-hosting a Nextcloud instance. I updated this for years and was always very happy with it. I don’t use docker but hosting bare metal on a Debian 11 Bullseye system. For SSL, I use Let’s ...
- 445
2
votes
1
answer
444
views
nginx fail SSL after upgrade ubuntu 22.04 from 20.04
I wonder if someone has encountered this issue with nginx after upgrade ubuntu from 20.04 to 22.04.
In nginx log file this appears. Seems to be something wrong with SSL.
2023/03/01 08:42:31 [emerg] ...
- 21
0
votes
0
answers
100
views
This connection is not secure. Logins entered here could be compromised
This is on Geoserver which uses Jetty/Java. I followed this article on a Debian machine and then added SSL with Certbot (my padlock is fine). The message comes up when I click the user/password input ...
- 1
0
votes
0
answers
83
views
SSL handshake error - log domain name with Nginx
Is it possible to extend SSL handshake error log to determine which domain was requested? Now I get log in the following format without any information about domain:
2023/02/27 12:27:58 [info] 60011#...
- 276
0
votes
0
answers
778
views
NGINX server is producing error response code 400 and "Bad Request" message when the server is rapidly requested
The API serves as a proxy for M3U8 videos. While accessed through an HTTP connection at IP:port requests to the API never result in a response code 400. Despite being tested under semi heavy load(10 ...
- 1
0
votes
0
answers
165
views
NGINX: Is it possible to configure mTLS without an ssl_client_certificate?
The system I am working with allows clients to register their public keys for mTLS with an application server. We would like our client's applications to establish an mTLS connection with an NGINX ...
- 101
0
votes
1
answer
119
views
nginx multiple certificate types
I have a single server block that I want to offer two kinds of certificate for: one ECC and one RSA. The ECC cert is because for certain of the clients ECDSA is the only viable option in TLS 1.2 (and ...
- 103
0
votes
0
answers
187
views
Nginx reverse proxy SSL using different domain on each side
I need a little tip on how to solve a setup I came across where client wants to access an HTTPs API hosted on api.foo.com (our domain, with *.foo.com certificate) using api.bar.com (client's domain ...
- 1
0
votes
0
answers
34
views
HAProxy balance API
I have use many hour to search and learn the HAProxy config but i can't make the desired result in any way.
I'll explain my scenario.
I have three different server:
api1.test.eu 10.20.30.130:8764
api2....
- 1
1
vote
1
answer
1k
views
NGINX enforces TLS 1.3 even though I set up TLS 1.2
on my Server, Debian 11 bullseye 5.10.0-20-amd64
# nginx -V
nginx version: nginx/1.18.0
built with OpenSSL 1.1.1n 15 Mar 2022
TLS SNI support enabled
when using the SSL config from mozilla (https://...
- 21
2
votes
3
answers
1k
views
How to troubleshoot ERR_SSL_VERSION_OR_CIPHER_MISMATCH on server with nginx reverse proxy and let's encrypt?
I have a server (Debian 9.13) with several websites running in Docker containers with nginx (1.13.12) as a reverse proxy.
The websites are under two domain names : alchimie-web.com and ...
- 43
1
vote
1
answer
180
views
Magento2 website with nginx(with SSL termination) and varnish cache
I have hosted Magento2 website with Nginx, SSL termination, and Varnish cache.
Varnish cache is running on port 8080 and the Magento2 website is hosted on Nginx port 8081. Http and Https traffic is ...
- 11
0
votes
0
answers
289
views
Nginx Proxy Reverse With 2 subdomain behind cloudflare
Hello to all dear teachers, I am almost an amateur in the network and I thank you in advance for your guidance
I am considering, using a reverse proxy, to send requests from the primary server to a ...
0
votes
0
answers
27
views
NGINX SSL directory and .crt and .key files permissions [duplicate]
in folder /etc/nginx/ssl/ I have public and private key for domain for wildcard SSL certificate purchased from CA and transferred as root to that folder. SSL request has made on another windows ...
- 123
0
votes
0
answers
416
views
Nginx SSL private key error
I'm configuring Nginx with self-signed SSL certificate. Nginx fails to start due to the following error
[emerg] cannot load certificate key "/path/to/my.key": PEM_read_bio_PrivateKey() ...
0
votes
1
answer
744
views
How to resolve "400 Bad Request" after cloning a webserver that uses Cloudflare for SSL?
I'm trying to clone a webserver that hosts sites that rely on Cloudflare for their SSL certificates.
After cloning the server and updating my local hosts file to point the site to the new server, I'm ...
- 113
2
votes
0
answers
753
views
NGINX: Configure to setup mTLS with ssl_client_certificate, ssl_verify_client, ssl_certificate and ssl_certificate_key
Right off the bat there are a couple posts that go through this issue but I am unsure what the settings are doing exactly in order to achieve the correct result. I'm able to verify the client but not ...
0
votes
1
answer
5k
views
NGINX + OpenSSL + Docker. Cannot load certificate key Permission denied. SSL:error:0200100D:system
I want to deploy a SSL certified angular app using nginx reverse proxy on docker (using docker compose). I've generated self-signed certification with openssl and made the configurations to the nginx ...