The nginx config which does all the proxying does not contain any configuration that would actually enable https on port 443.
After much debugging, I think I arrived at this configuration for nginx that allows letsencrypt to work and upgrades connection to ssl (you could live w/o that part)
server {
listen 80;
server_name 127.0.0.1;
#this was the main issue - root was pointing to the wrong location
root /var/www/certbot;
location /.well-known/ {
try_files $uri $uri/ =404;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/XXXX/fullchain.pem; #
ssl_certificate_key /etc/letsencrypt/live/XXXX/privkey.pem;
server_name xxxx;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/conf.d/htpasswd.users;
index index.html index.htm;
autoindex on;
root /var/www/html;
....
Hello,
The nginx config which does all the proxying does not contain any configuration that would actually enable https on port 443.
After much debugging, I think I arrived at this configuration for nginx that allows letsencrypt to work and upgrades connection to ssl (you could live w/o that part)