Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

Dragotic's avatar

NGINX accepts HTTP requests not HTTPS

Hello, so I have configured my NGINX and it accepts normally the HTTP request. However when I try to make it accept HTTPS it throws me "connection refused error".

Here's how it looks for HTTP(works fine):

fastcgi_cache_path /dev/shm levels=1:2 keys_zone=laravel:100m;
fastcgi_cache_key "$scheme$request_method$host$request_uri$query_string";

server {
    listen 80 default_server;
    server_name subdomain.example.com;

    root   /usr/share/nginx/html/;
    index  index.php index.html;

    client_max_body_size 5M;
    gzip on;
    gzip_http_version  1.1;
    gzip_comp_level    5;
    gzip_min_length    256;
    gzip_proxied       any;
    gzip_vary          on;

    gzip_types
    application/atom+xml
    application/javascript
    application/json
    application/rss+xml
    application/vnd.ms-fontobject
    application/x-font-ttf
    application/x-web-app-manifest+json
    application/xhtml+xml
    application/xml
    font/opentype
    image/svg+xml
    image/x-icon
    text/css
    text/plain
    text/x-component;


    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        root /var/www/html/public;
        fastcgi_cache laravel;
        fastcgi_cache_valid 200 204 1m;
        fastcgi_ignore_headers Cache-Control;
        fastcgi_no_cache $http_authorization $cookie_laravel_session;
        fastcgi_cache_lock on;
        fastcgi_cache_lock_timeout 10s;

        add_header X-Proxy-Cache $upstream_cache_status;

        fastcgi_pass   app:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_read_timeout 900s;
        include        fastcgi_params;
    }

    location ~* \.(jpg|jpeg|png|gif|ico|css|js|eot|ttf|woff|woff2)$ {
        expires max;
        add_header Cache-Control public;
        add_header Access-Control-Allow-Origin *;
        access_log off;
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ /\.ht {
        deny all;
    }
}

and here for HTTPS(doesn't work):

fastcgi_cache_path /dev/shm levels=1:2 keys_zone=laravel:100m;
fastcgi_cache_key "$scheme$request_method$host$request_uri$query_string";

server {
    listen 80;
    server_name subdomain.example.com;

    return 301 https://subdomain.example.com$request_uri;
}



server {
    listen 443 default_server ssl;
    server_name subdomain.example.com;

    ssl_certificate    /etc/ssl/certs/ssl.crt;
    ssl_certificate_key    /etc/ssl/private/ssl.key;

    root   /usr/share/nginx/html/;
    index  index.php index.html;

    client_max_body_size 5M;
      gzip on;
      gzip_http_version  1.1;
      gzip_comp_level    5;
      gzip_min_length    256;
      gzip_proxied       any;
      gzip_vary          on;

      gzip_types
        application/atom+xml
        application/javascript
        application/json
        application/rss+xml
        application/vnd.ms-fontobject
        application/x-font-ttf
        application/x-web-app-manifest+json
        application/xhtml+xml
        application/xml
        font/opentype
        image/svg+xml
        image/x-icon
        text/css
        text/plain
        text/x-component;


    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ \.php$ {
        root /var/www/html/public;
        fastcgi_cache laravel;
        fastcgi_cache_valid 200 204 1m;
        fastcgi_ignore_headers Cache-Control;
        fastcgi_no_cache $http_authorization $cookie_laravel_session;
        fastcgi_cache_lock on;
        fastcgi_cache_lock_timeout 10s;

        add_header X-Proxy-Cache $upstream_cache_status;

        fastcgi_pass   app:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_read_timeout 900s;
        include        fastcgi_params;
    }

    location ~* \.(jpg|jpeg|png|gif|ico|css|js|eot|ttf|woff|woff2)$ {
        expires max;
        add_header Cache-Control public;
        add_header Access-Control-Allow-Origin *;
        access_log off;
        try_files $uri $uri/ /index.php?$query_string;
    }

    location ~ /\.ht {
        deny all;
    }
}
0 likes
8 replies
bashy's avatar

Connection refused means there's nothing listening on the HTTPS port (443).

bashy's avatar

@Dragotic Doesn't mean nginx can listen on that port properly.

You need to check netstat to check it's there first

sudo netstat -tulpn | grep 443
// or
sudo netstat -tulpn | grep LISTEN

Then we can go from there if it's listed.

Dragotic's avatar

@bashy nginx runs inside a docker container on an Azure VM.

tcp6    0   0   : : :443    : : : *     LISTEN  6224/docker-proxy
tcp6    0   0   : : :80     : : : *     LISTEN  6236/docker-proxy
Dragotic's avatar

@bashy If I nmap on my server I get that the port 443 is open, and in my docker conf I have ports 80, 443 exposed. I don't get it what it's going on.

bashy's avatar

I think it could be down to you trying to check what's stopping the connection go through. Connection refused is a refusal because nothing is listening on the port (most of the time). Have you got any firewall settings for port 443?

Dragotic's avatar
Dragotic
OP
8 years ago
Best Answer
Level 1

@bashy Just finished a call azure support. They told me that there was probably a bug with the :80 :443 ports when building ubuntu 16.04 + docker VM image. So I built an image with just Ubuntu 16.04 and installed docker on my own and it works fine.

Thanks for hanging in with me @bashy

Please or to participate in this conversation.