Dimash
Reputation: 16
Backend fails after adding SSL certificate. Nest/Nginx
My backend is not working after adding the SSL certificate. The backend worked with http before but after adding SSL certificate it stopped working. I thought the problem is with nginx configurations but I think the problem is not in that but something else. My back is developed on nestjs
server {
listen 443 ssl;
server_name example.com www.example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-A>
root /var/www/html;
index index.html index.htm;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header Content-Security-Policy upgrade-insecure-requests;
# frontend
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
# backend
location /api/ {
proxy_pass https://127.0.0.1:5001/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
main.ts
import { NestFactory } from '@nestjs/core';
import { AppModule } from './app.module';
import * as fs from 'fs';
import * as https from 'https';
async function bootstrap() {
const httpsOptions = {
key: fs.readFileSync('/etc/letsencrypt/live/example.com/privkey.pem'),
cert: fs.readFileSync('/etc/letsencrypt/live/example.com/fullchain.pem'),
};
const app = await NestFactory.create(AppModule, {
httpsOptions,
});
await app.listen(5001, () => {
console.log('Server is running on https://localhost:5001');
});
}
bootstrap();
NGINX LOGS
2025/01/17 17:05:07 [error] 325374#325374: *278 connect() failed (111: Unknown error) while connecting to upstream, client: 149.154.161.248, server: example.com, request: "GET /api/ HTTP/1.1", upstream: "https://127.0.0.1:5001/", host: "example.com"
2025/01/17 17:05:17 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/ HTTP/1.1", upstream: "https://127.0.0.1:5001/", host: "example.com", referrer: "https://web.telegram.org/"
2025/01/17 17:05:22 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:06:08 [error] 325374#325374: *284 connect() failed (111: Unknown error) while connecting to upstream, client: 149.154.161.201, server: example.com, request: "GET /api/ HTTP/1.1", upstream: "https://127.0.0.1:5001/", host: "example.com"
2025/01/17 17:06:28 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:06:28 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:06:29 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:06:29 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:06:29 [error] 325374#325374: *280 connect() failed (111: Unknown error) while connecting to upstream, client: 80.242.211.179, server: example.com, request: "GET /api/hello HTTP/1.1", upstream: "https://127.0.0.1:5001/hello", host: "example.com"
2025/01/17 17:07:09 [error] 325374#325374: *297 connect() failed (111: Unknown error) while connecting to upstream, client: 149.154.161.218, server: example.com, request: "GET /api/ HTTP/1.1", upstream: "https://127.0.0.1:5001/", host: "example.com"
I checked if the ports and queries are working correctly via curl -v at the end of the query the following message is displayed
{"message":"Cannot GET /","error":"Not Found","statusCode":404}
I've tried changing permissions on ssl certificates to make it work, changed nginx configuration thinking that's the problem but it's the backend that still doesn't work.
Upvotes: 0
Views: 36
Answers (0)
Related Questions
- Running REST API (Ollama) and Nginx reverse proxy
- nginx config with docker bad getway
- Nginx on Docker (Connection Refused while connecting to upstream)
- Elasticbeanstalk app Error 502 bad gateway but app is running
- Load Balancer Nginx 502 Bad Gateway, No live upstream Docker
- Docker Compose with Express.js and Nginx - 502 response