I installed Nginx on the Amazon Linux machine and am using the config file:
    http {
        upstream allbackend {
            #round robin private IP
            server 172.31.xx.xxx:8080;
            server 172.31.xx.xx:8080;
        }
        server {
            listen 80;
            listen 443 ssl http2;
            ssl_certificate /etc/letsencrypt/live/xxx.ddns.net/fullchain.pem;
            ssl_certificate_key /etc/letsencrypt/live/xxx.ddns.net/privkey.pem;
            ssl_protocols TLSv1.3;
            location / {
                proxy_pass http://allbackend/;
            }
        }
    }
    events { }
However, the site xxx.ddns.net only works over HTTP and not over HTTPS. The security groups are defined:
cURL returns this to me:

    curl https://xxx.ddns.net/
    curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to xxx.ddns.net:443

What's the issue here?
You need one server-block for port 80 (HTTP) and one for port 443 (HTTPS). The server-block for port 80 just redirects to the server-block for port 443. The whole configuration looks something like this:
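    # Both server blocks go inside the http { } context, next to the upstream definition.
    server {
        listen 80;
        server_name xxx.ddns.net www.xxx.ddns.net;
        # Redirect every plain-HTTP request to HTTPS
        return 301 https://xxx.ddns.net$request_uri;
    }
    server {
        # The ssl parameter on listen enables TLS (the separate "ssl on;"
        # directive is obsolete and was removed in nginx 1.25.1)
        listen 443 ssl http2;
        server_name xxx.ddns.net www.xxx.ddns.net;
        ssl_certificate /etc/letsencrypt/live/xxx.ddns.net/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/xxx.ddns.net/privkey.pem;
        ssl_protocols TLSv1.3;
        location / {
            # allbackend is the upstream group; its server lines carry the port
            proxy_pass http://allbackend;
        }
    }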
Hope this helps solve your problem :)
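
An added example, not part of the original question or answer: a small Python check that parses an nginx configuration and reports server blocks that serve plain HTTP without a server-level redirect to HTTPS, TLS listeners with no certificate pair, and the obsolete `ssl on;` directive. The sample config, host name, IP and finding labels are constructed for illustration, and the parser assumes a simple config (no `include`, no braces inside quoted strings, redirects written as a server-level `return`).

```python
import re

# Constructed sample mirroring the question's layout (placeholder host and IP).
SAMPLE = """
upstream allbackend { server 10.0.0.10:8080; }
server {
    listen 80;
    listen 443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/example.test/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/example.test/privkey.pem;
    location / { proxy_pass http://allbackend/; }
}
"""

def server_blocks(conf):
    """Yield the body of every `server { ... }` block, comments stripped."""
    conf = re.sub(r"#[^\n]*", "", conf)
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, i = 1, m.end()
        while depth and i < len(conf):
            depth += {"{": 1, "}": -1}.get(conf[i], 0)
            i += 1
        yield conf[m.end():i - 1]

def directives(body):
    """Return (name, args) for statements directly in the block; nested blocks are dropped."""
    while re.search(r"\{[^{}]*\}", body):
        body = re.sub(r"[^;{}]*\{[^{}]*\}", "", body)
    return [(p[0], p[1:]) for p in (s.split() for s in body.split(";")) if p]

def audit(conf):
    """Return (server block number, finding label) pairs; labels are this example's own."""
    found = []
    for n, body in enumerate(server_blocks(conf), 1):
        d = directives(body)
        names = {k for k, _ in d}
        legacy = ("ssl", ["on"]) in d  # obsolete since 1.15.0, removed in 1.25.1
        # With no listen directive nginx defaults to *:80 (*:8000 unprivileged).
        listens = [a for k, a in d if k == "listen"] or [["80"]]
        tls = any("ssl" in a for a in listens)
        plain = not legacy and any("ssl" not in a for a in listens)
        redirect = any(k == "return" and any(x.startswith("https://") for x in a) for k, a in d)
        if tls and not {"ssl_certificate", "ssl_certificate_key"} <= names:
            found.append((n, "tls-listener-without-certificate"))
        if plain and not redirect:
            found.append((n, "plain-http-served-without-redirect"))
        if legacy:
            found.append((n, "obsolete-ssl-on"))
    return found
```

Calling `audit(SAMPLE)` reports block 1 as serving plain HTTP without a redirect; a config split into a redirecting port-80 block and a TLS-only port-443 block returns an empty list.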