Https connections go to 404

kyle_blake · 2024-11-22T23:14:38.551Z

Ok, got a very frustrating problem. I can serve pages just fine with a non-secure (normal http) connection. But if I go to https:// my webserver gives only 404s.

My nginx conf looks like this:

user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections  1024;
}

http {
    server {
	listen       80;
        ssi on;
        server_name 193.237.138.111;
        server_name winged-horse.fyi;
           location / {
            root   /14tb/public/web/winged_horse;
            index  index.html index.htm;
        }
}

    server {
	listen       443 ssl;
        ssi on;
        ssl on;
        ssl_certificate /etc/letsencrypt/live/winged-horse.fyi/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/winged-horse.fyi/privkey.pem;

        include /etc/letsencrypt/options-ssl-nginx.conf;
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;

        server_name 193.237.138.111;
        server_name winged-horse.fyi;
           location / {
            root   /14tb/public/web/winged_horse;
            index  index.html index.htm;
        }
}}

As you can see, the config for http and https is exactly the same, except the https server has certbot junk in it. I've been at this for 3 hours and can't see what could be causing the problem.

My domain is: winged-horse.fyi

My web server is (include version): nginx/1.27.2

The operating system my web server runs on is (include version): RHEL 9.5

I can login to a root shell on my machine (yes or no, or I don't know): yes

The version of my client is certbot 3.0.1

Bruce5051 · 2024-11-22T23:28:20.023Z

Hello @kyle_blake, welcome to the Let's Encrypt community.

kyle_blake:

My web server is (include version): nginx/1.27.2

Actually I see Server: nginx/1.20.1 for HTTP

$ curl -i http://winged-horse.fyi/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Fri, 22 Nov 2024 23:25:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

Also shown here https://www.hardenize.com/report/winged-horse.fyi/1732317762#www_http

But for HTTPS I see Server: nginx/1.27.2

$ curl -i https://winged-horse.fyi/.well-known/acme-challenge/sometestfile
HTTP/1.1 404 Not Found
Server: nginx/1.27.2
Date: Fri, 22 Nov 2024 23:26:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.27.2</center>
</body>
</html>

Also shown here https://www.hardenize.com/report/winged-horse.fyi/1732317762#www_https

Two different instances of nginx maybe?

kyle_blake · 2024-11-22T23:32:22.283Z

That's very weird! I don't know how that can be the case. I am new to RHEL, and not sure how two different copies could be installed and running. It's a brand new OS install, maybe four days old.

I believe you are correct as systemctl stop nginx kills http, while https continues to 404.

kyle_blake · 2024-11-22T23:42:15.009Z

turns out I was having a senile moment - my router was still redirecting 443 to my old server, rather than my new one. this would explain the seemingly impossible results.

thank you, anyway, i wouldn't have figured this out unless you pointed out the differing version numbers

Bruce5051 · 2024-11-22T23:51:16.461Z

You are welcome @kyle_blake!
Have a pleasant day.