Colleague found that the Nginx configuration after HTTPS can not access, I help solve the time from the following starting point
1.防火墙未开放443端口2.配置出错
So we netstat -anp
look at the ports that the firewall is opening
The discovery is already listening, that must be a configuration problem.
Check the configuration is not a problem, re-generate certificates and other methods are still inaccessible, even on the other machine HTTPS configuration copy come over still inaccessible
Calm down and think about it, Nginx has no return status, directly unable to connect. Is this the end of the request?
You can only go to the firewall configuration file.
vim /etc/sysconfig/iptables
The problem is here, the open port must be
-A input-j reject–reject-with icmp-host-prohibited
The front of this sentence, front, front!!!
Because of the sequential execution, the rules placed on the back are not valid, and the web usually sees such a word
Special Note: Many netizens add these two rules to the last line of the firewall configuration, causing the firewall to fail to start, the correct one should be added to the default 22 port under this rule
The reason is that the effect of this rule is to reject all-j REJECT in the Iptables help document there is a description of this is used to send back a error packet in response to the matched packet
is to indicate rejection of you and return an incorrect connection information. Request not to nginx that, certainly no status code returned, and your browser can only return is unable to connect.
Summarize
The content that is NETSTAT-ANP is deceived, the rule is added, but has no effect.
If the return 404,403 and so on, that the description is Nginx configuration and other factors;
If the connection is not possible, it is usually a firewall, or the Nginx is a startup and other likely factors;
Calmly analyze the problem, look at the error message, is the solution to the problem, never try stuff until it works, that can only be useless work.
Nginx HTTPS configuration can not be accessed, the firewall may be in mischief