I have configured a Let’sEncrypt certificate and the Cert Expiry sensor, which did work well for several month. After I did the HA update (I assume, that’s not the reason but I did recognize at that time) I recognized, that the sensor does not work anymore.
The error I see is Cannot connect to catdog.myfritz.net
When I fire curl -I https://catdog.myfritz.net, the result shows:
HTTP/1.1 405 Method Not Allowed
Server: nginx/1.14.2
Date: Fri, 22 Mar 2019 07:53:52 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 23
Connection: keep-alive
Allow: GET
Strict-Transport-Security: max-age=31536000; includeSubDomains
As you can see, I’m running nginx as a reverse proxy.
Maybe someone can give hints where I have to figure out, why it does not work anymore?
Here my /etc/nginx/conf.d/catdog.myfritz.net.conf:
server {
listen 443 ssl default_server;
server_name catdog.myfritz.net;
##
# SSL
##
## Activate SSL, setze SERVER Zertifikat Informationen ##
# Generiert via Let's Encrypt!
ssl on;
ssl_certificate /etc/letsencrypt/live/catdog.myfritz.net/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/catdog.myfritz.net/privkey.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_prefer_server_ciphers on;
# unsichere SSL Ciphers deaktivieren!
ssl_ciphers HIGH:!aNULL:!eNULL:!LOW:!3DES:!MD5:!RC4;
## Blocken, wenn Zugriff aus einem nicht erlaubten Land erfolgt ##
if ($allowed_country = no) {
return 403;
}
##
# HSTS
##
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
##
# global
##
root /var/www/catdog.myfritz.net;
index index.php index.htm index.html;
# Weiterleitung
location / {
proxy_pass http://localhost:8123;
proxy_set_header Host $host;
#proxy_redirect http:// https://;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_intercept_errors on;
}
}