LetsEncrypt / nginx Issues

Checklist
[x ] I have read intro post: About the Installation Issues category
[x ] I have read the tutorials, help and searched for similar issues
[ x] I provide relevant information about my server (component names and versions, etc.)
I provide a copy of my logs and healthcheck
I describe the steps I have taken to trouble shoot the problem
I describe the steps on how to reproduce the issue

Hello everyone,
I’m contacting you because i have a issue with my Debian 11 when i try to put the nginx on my server this error come :


I have a public adress, i can go to network by the port 80 but he fail all time.

I install a CE version for informations and here is my conf :

nginx-passbolt.conf


I’m lost at this point.

If you want more informations, say it i can give you

Hi @UnsterKylink Welcome to the forum!

The firewall issue is one of of incoming…possibly combined with DNS settings for your domain.

Do you have ipv6 DNS for your domain but ipv6 blocked at the firewall?

Tey removing the listen[::]:80; and then restart nginx with

sudo service nginx reload

1 Like

Hi, i try your option.
So i remove listen[::]:80; and restart.

For the ipv6 DNS i don’t know i gonna tell the question to my manager

The same thing appeared

You think that can come because maybe we have a firewall who blocked ipv6 ?

To make Let’s Encrypt work, your server must be reachable from the internet on port 80/TCP.

In your case, this port is closed.

Hello, I’m back with good and bad news :grinning:

i finally decide to put the ssl manually and i use the reconfigure command to have a clean nginx and it’s work i have my page is up

But i still have a problem with my SSL access. I follow all rules to have a certificates manually and i still have a error message on the website.

Hello @UnsterKylink !

If I’m correct the warning comes from the fact that the webpage is served over HTTP and not HTTPS.
Depending on you configuration, you might need to open the port 443 if not done already.

For this one, as it is said there is a check to ensure the public key can be use for decryption and the private key can be used for decryption.

To make sure, it’s actually the case when validating the form there is an attempt for encryption and decryption done with the given key. I mean by that, that the server does not only check for the keys flags but is using the key to check if it’s truly usable.

It could come from the NTP yes, but apparently you’ve check that already.

Are you using the installer to generate the key pairs or did you import a custom one? If you imported your own, you might check if the key has been generated for decryption/encryption purpose.