Hi all,
I have 2 sites to run from one server. Both are based on ASP.Net Core.
Both have SSL certs from letsencrypt. One works perfectly. The other
sort of works. If I go to http://localhost:5100 by redirecting to
https://localhost:5101 and then it warns of an invalid certificate. If
I try lynx http://cleardragon.com a similar redirect takes place and I
get a "Alert!: Unable to connect to remote host" error and lynx closes down.
When I do sudo tail -f /var/log/nginx/error.log I see: 2022/10/02
12:44:22 [notice] 1624399#1624399: signal process started
I'm baffled as to how I can diagnose the problem.
Here's my nginx.conf just in case there is some error in it.
Thanks in advance,
Patrick
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
include /etc/nginx/conf.d/proxy.conf;
limit_req_zone $binary_remote_addr zone=one:10m rate=5r/s;
server_tokens off;
charset utf-8;
charset_types text/css text/xml text/plain text/vnd.wap.wml
application/javascript application/rss+xml;
sendfile on;
keepalive_timeout 29;
client_body_timeout 10; client_header_timeout 10; send_timeout 10;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
upstream kirksnet{
server localhost:5000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name kirks.net *.kirks.net;
ssl_certificate
/etc/letsencrypt/live/kirks.net/fullchain.pem;
ssl_certificate_key
/etc/letsencrypt/live/kirks.net/privkey.pem;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://kirksnet;
limit_req zone=one burst=10 nodelay;
}
}
upstream RazorHill{
server localhost:5100;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name server_name cleardragon.com
*.cleardragon.com;
ssl_certificate
/etc/letsencrypt/live/cleardragon.com/fullchain.pem;
ssl_certificate_key
/etc/letsencrypt/live/cleardragon.com/privkey.pem;
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
location / {
proxy_pass http://RazorHill;
limit_req zone=one burst=10 nodelay;
}
}
}