Question after getting https on lighttpd

So the whole certificate thing worked. (Thanks joulinar.) And when searching my domain (tubzpi.xyz) it did show for a second before saying connection failed or site cannot be reached. Neither http://tubzpi.xyz nor https://tubzpi.xyz works. Do I have to make a new file for https? I don’t trust other online tutorials anymore so that’s why I ask. But in short nothing shows up, and lighttpd is working well, no errors, nothing. Any solutions? Also I’ve made the root in the config file /var/www/tubzpi.xyz, where an index.html file and an index.css file are. Website is public so you can check if needed.
Sorry for the many posts btw.

What webserver do you use?
Did you change the webroot after you created the SSL certificates?
Maybe you can revert your change of the webroot and see if it’s working again.

Have you set the correct port forwarding for port 443 on your router?

Let’s check LISTEN ports

ss -tulpn | grep LISTEN

Has the following configuration file been created again?

/etc/lighttpd/conf-enabled/50-dietpi-https.conf

@Jappe this is the related issue: "Problem with lighttpd not detecting a folder that has ssl certificate inside"

1 Like
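Added example, not part of the original posts: one way to turn the `ss -tulpn` check above into a yes/no answer for the two ports a Let's Encrypt-enabled lighttpd needs. The function name `missing_listeners` and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Reads `ss -tulpn` output on stdin and
# prints the expected TCP ports that have no LISTEN socket.
# Live usage on the server:  ss -tulpn | missing_listeners 80 443
missing_listeners() {
    awk -v want="$*" '
        BEGIN { n = split(want, ports, " ") }
        # ss columns: Netid State Recv-Q Send-Q Local:Port Peer:Port Process
        $1 == "tcp" && $2 == "LISTEN" {
            p = $5
            sub(/.*:/, "", p)   # drop the address part, also for [::]:443 and *:443
            seen[p] = 1
        }
        END {
            for (i = 1; i <= n; i++)
                if (!(ports[i] in seen))
                    printf "%s%s", (out++ ? " " : ""), ports[i]
            if (out) print ""
        }'
}

# Constructed sample: lighttpd bound to 80 only, as it would look when the
# HTTPS config in conf-enabled is missing or not loaded.
SAMPLE_SS='udp   UNCONN 0      0            0.0.0.0:68         0.0.0.0:*    users:(("dhclient",pid=411,fd=7))
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*    users:(("sshd",pid=502,fd=3))
tcp   LISTEN 0      1024         0.0.0.0:80         0.0.0.0:*    users:(("lighttpd",pid=733,fd=4))
tcp   LISTEN 0      1024            [::]:80            [::]:*    users:(("lighttpd",pid=733,fd=5))'

# Runs the check against the constructed sample; prints "443".
check_sample() {
    printf '%s\n' "$SAMPLE_SS" | missing_listeners 80 443
}
```

An empty result only shows that the server itself is listening; the router's forwarding rule is a separate setting and has to be tested from outside the local network.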

Is it okay for me to paste the whole table here, or no? But from what I see, lighttpd is listening on 443 and 80. And yes, the file has been made.
(Sorry for the late reply, was travelling)

Has port forwarding on your router been correctly set for port 80/443?

Yes, I've forwarded both 80 and 443 to my Pi and used TCP.

How does it look if you try to access your web server from inside your local network? You could check https access using DDNS as well as local IP (yes, a cert warning might be shown).

Right now I'm trying to access the website from outside on a different internet. When I tested lighttpd yesterday before running the dietpi-letsencrypt script it worked; it worked on mobile data and my friend's internet as well. I don't remember if it showed up as https though, but I do remember that for a few minutes after I ran the script it worked; if it was https I don't remember either. And to answer your question, it's the same answer inside my network: not accessible, on both local IP and the domain.

Even on local IP from inside your network a connection is not possible via https://192.x.x.x:443?

Yes, it cannot be reached. Also, I'm not sure if this is normal but I have two lighttpd.conf files, the second one called lighttpd1.conf

This is unexpected. Can you share both?

lighttpd.conf

server.modules = (
"mod_access" ,
"mod_accesslog" ,
"mod_fastcgi" ,
"mod_rewrite" ,
"mod_auth"

)

server.document-root = "/var/www/tubzpi.xyz"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80




# features
#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
server.feature-flags       += ("server.h2proto" => "enable")
server.feature-flags       += ("server.h2c"     => "enable")
server.feature-flags       += ("server.graceful-shutdown-timeout" => 5)
#server.feature-flags       += ("server.graceful-restart-bg" => "enable")

# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
#  if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
  "header-strict"           => "enable",# default
  "host-strict"             => "enable",# default
  "host-normalize"          => "enable",# default
  "url-normalize-unreserved"=> "enable",# recommended highly
  "url-normalize-required"  => "enable",# recommended
  "url-ctrls-reject"        => "enable",# recommended
  "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
 #"url-path-2f-reject"      => "enable",
  "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
 #"url-path-dotseg-reject"  => "enable",
 #"url-query-20-plus"       => "enable",# consistency in query string
)

index-file.names            = ( "index.php", "index.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"

#server.compat-module-load   = "disable"
server.modules += (
        "mod_dirlisting",
        "mod_redirect",
        "mod_setenv",
        "mod_staticfile",
)

lighttpd1.conf

server.modules = (
"mod_access" ,
"mod_accesslog" ,
"mod_fastcgi" ,
"mod_rewrite" ,
"mod_auth"

)

server.document-root = "/var/www/tubzpi.xyz"
server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
server.errorlog             = "/var/log/lighttpd/error.log"
server.pid-file             = "/run/lighttpd.pid"
server.username             = "www-data"
server.groupname            = "www-data"
server.port                 = 80




# features
#https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_feature-flagsDetails
server.feature-flags       += ("server.h2proto" => "enable")
server.feature-flags       += ("server.h2c"     => "enable")
server.feature-flags       += ("server.graceful-shutdown-timeout" => 5)
#server.feature-flags       += ("server.graceful-restart-bg" => "enable")
                                                                  
# strict parsing and normalization of URL for consistency and security
# https://redmine.lighttpd.net/projects/lighttpd/wiki/Server_http-parseoptsDetails
# (might need to explicitly set "url-path-2f-decode" = "disable"
#  if a specific application is encoding URLs inside url-path)
server.http-parseopts = (
  "header-strict"           => "enable",# default
  "host-strict"             => "enable",# default
  "host-normalize"          => "enable",# default
  "url-normalize-unreserved"=> "enable",# recommended highly
  "url-normalize-required"  => "enable",# recommended
  "url-ctrls-reject"        => "enable",# recommended
  "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
 #"url-path-2f-reject"      => "enable",
  "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
 #"url-path-dotseg-reject"  => "enable",
 #"url-query-20-plus"       => "enable",# consistency in query string
)

index-file.names            = ( "index.php", "index.html" )
url.access-deny             = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )

# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.conf.pl"
include "/etc/lighttpd/conf-enabled/*.conf"

#server.compat-module-load   = "disable"
server.modules += (
        "mod_dirlisting",
        "mod_staticfile",
)

@Joulinar

You answered a similar thing here, where the person's https wasn't working. Should I follow those steps from where I am?

Nvm, this did not work. Any other suggestions?

Sorry for the late response but I was out for a couple of days and missed replying. What is the current status of your system?

Still doesn’t work, there’s this problem and the other problem with the ufw. Is it okay if we fix the ufw first then go on to this as that’s more recent?

OK, let’s do it this way.

@Joulinar I'm an idiot, I just realised I configured port forwarding wrong on my router: instead of doing 443 I did 433. That was the biggest facepalm I gave myself, flip sake. Thanks anyways.

At least you found it :wink:

Well, I guess I wiped Lighttpd for no reason, but configuring Apache was actually way easier. I just did certbot --apache and it configured everything.