Setup SSL for Nginx in Kodekloud Engineer 2.0 - incomplete

Hi Team,

I completed the task Setup SSL for Nginx in Kodekloud Engineer 2.0

Access via curl is correct from “jump” to stapp02 on both port 80 and 443 (receives 200 code, I see Welcome!), but the task shows as failed.

Please review and let me know what is wrong here.

Regards

Can you show your nginx config?
I don't remember this task exactly, but maybe the server must answer 200 only with https, not http?
Your installation answers on both ports, so it may cause the incomplete task state.

Hello,

I just set the listen only to 443 and also without success (even though ‘curl’ returns 200) from ‘jump server’

I configured NGINX according to other hints, but unfortunately - failure

Here is my current configuration

    server {
        listen       80;
        listen       [::]:80;
        server_name  172.16.238.11;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }

        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }

    # Settings for a TLS enabled server.

    server {
        listen       443 ssl http2;
        listen       [::]:443 ssl http2;
        server_name  172.16.238.11;
        root         /usr/share/nginx/html;

        ssl_certificate "/etc/pki/tls/certs/nautilus.crt";
        ssl_certificate_key "/etc/pki/tls/private/nautilus.key";
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout  10m;
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        }

        error_page 404 /404.html;
            location = /40x.html {
        }
        error_page 500 502 503 504 /50x.html;
            location = /50x.html {
        }
    }


This is from my notes for this task:

Configure ssl in main nginx config:

    sudo vi /etc/nginx/nginx.conf

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
    ssl_prefer_server_ciphers on;
    include /etc/nginx/sites-avaliable/*;

Copying ssl cert to proper location:

    sudo mkdir /etc/nginx/ssl
    sudo mv /tmp/nautilus.* /etc/nginx/ssl/
    sudo mkdir /etc/nginx/sites-avaliable

Make ssl work for default site:

    sudo vi /etc/nginx/sites-avaliable/default

    server {
        listen 443 ssl default_server;
        root /var/www/html;
        ssl_certificate /etc/nginx/ssl/nautilus.crt;
        ssl_certificate_key /etc/nginx/ssl/nautilus.key;
        server_name _;
        index index.html;
    }
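
The notes above enable TLS 1.0 and 1.1 alongside 1.2 and 1.3, and the earlier reply raised serving content over https only. The following is an added example, not part of any post in this thread and not the lab's reference solution: it reuses the certificate paths and web root from the notes, and assumes the stock `server` blocks in `/etc/nginx/nginx.conf` have been removed so that this file is the only site definition. What the lab's checker expects is not known from the thread.

```nginx
# Added example (not from the thread). Certificate paths and web root are taken
# from the notes above; everything else is an assumption about a generic setup.
# This file is meant to be pulled in by an "include" inside the http { } block.

# Weak: the setting in the notes still offers TLS 1.0 and 1.1,
# both formally deprecated by RFC 8996.
#   ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;

# Corrected: offer only TLS 1.2 and 1.3.
# TLSv1.3 requires nginx 1.13.0+ built against OpenSSL 1.1.1+.
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;

# Plain HTTP answers only with a redirect, so page content is served over TLS alone.
server {
    listen 80 default_server;
    listen [::]:80 default_server;
    server_name _;
    return 301 https://$host$request_uri;
}

# TLS site, same certificate, key and web root as in the notes.
server {
    listen 443 ssl default_server;
    listen [::]:443 ssl default_server;
    server_name _;

    root  /var/www/html;
    index index.html;

    ssl_certificate     /etc/nginx/ssl/nautilus.crt;
    # Private key: keep it owned by root and not world-readable (mode 600).
    ssl_certificate_key /etc/nginx/ssl/nautilus.key;

    ssl_session_cache   shared:SSL:1m;
    ssl_session_timeout 10m;
}
```

Run `sudo nginx -t` before reloading; with this layout a request to port 80 returns 301 instead of 200, and the 200 comes only from port 443.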

@bhard

Thank you very much for the hint.
Your suggestion worked
Yeaa :slight_smile:

Greetings

P.S. Although I am wondering what was the reason that even though I had HTTP code 200 in the response it was not crediting my task.
Differences: ssl_protocols, path to crt and key.
I’ll do a revise and see it.

Thanks again
Have a great day