I've searched a bunch of questions to set the correct configuration for nginx SSL, but my EC2 website isn't online. Actually, when it was only the HTTP protocol (80), it was working fine.
**Steps I made**
1 - Set the security group for EC2, opening traffic for all IPv4 to access 443 and 80 (ok)
[![EC2 Security groups][1]][1]
2 - Set `/etc/nginx/sites-available` and `/etc/nginx/sites-enabled` for HTTP access only, which was working fine (ok)
3 - Now started the SSL process, creating crypto keys with `sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/nginx-selfsigned.key -out /etc/nginx/nginx-selfsigned.crt` (ok)
4 - Now I modified the 'default' file in both `/etc/nginx/sites-available` and `/etc/nginx/sites-enabled` to apply SSL on my website (???)
```
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name ec2-23-22-52-143.compute-1.amazonaws.com www.ec2-23-22-52-143.compute-1.amazonaws.com;

    #Importing ssl
    ssl_certificate /etc/nginx/nginx-selfsigned.crt;
    ssl_certicate_key /etc/nginx/nginx-selfsigned.key;

    # front-end
    location / {
        root /var/www/html;
        try_files $uri /index.html;
    }

    # node api
    location /api/ {
        proxy_pass http://localhost:3000/;
    }
}

server {
    listen 80;
    listen [::]:80;
    server_name ec2-23-22-52-143.compute-1.amazonaws.com www.ec2-23-22-52-143.compute-1.amazonaws.com;
    return 301 https://$server_name$request_uri;
}
```
5 - Tested the configuration with `sudo nginx -t` and it's an OK configuration (ok)
6 - Restarted nginx with `sudo systemctl restart nginx` (ok)
7 - Tested whether the necessary ports are listening with `sudo netstat -plant | grep 80` and `sudo netstat -plant | grep 443`, and both are listening (ok)
8 - It should work, everything looks great, so I tried to open the website and to my surprise it's offline with the error **"ERR_CONNECTION_CLOSED"**
[https://ec2-23-22-52-143.compute-1.amazonaws.com/][2]
9 - The only thing left to check is the nginx error logs at `/var/log/nginx/`, and there is this error related to SSL:
```
2022/04/07 19:24:25 [crit] 2453#2453: *77 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error) while SSL handshaking, client: 45.56.107.29, server: 0.0.0.0:443
```
**Conclusion**
I don't know why SSL_do_handshake() failed or what I can do to fix this issue. Does anyone have a guess how to solve this problem? Thanks a lot to the Stack Overflow community, you are great!!!
[1]: https://i.stack.imgur.com/4LlLC.png
[2]: https://ec2-23-22-52-143.compute-1.amazonaws.com/
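
A pre-flight check for the files from step 3 and the config from step 4, as an added example that is not part of the original post: it confirms that a certificate and private key belong together and that a site config contains correctly spelled `ssl_certificate` and `ssl_certificate_key` lines. The function names are hypothetical, and it assumes the `openssl` CLI is installed.

```shell
#!/bin/sh
# Added example (not from the original post): checks for a self-signed
# certificate/key pair and the nginx directives that reference them.
# Function names are hypothetical; requires the openssl CLI.

# Return 0 if the public key in certificate $1 equals the public key
# derived from private key $2; 1 on mismatch; 2 if a file is unreadable.
pair_matches() {
    pm_cert=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
    pm_key=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
    [ -n "$pm_cert" ] && [ "$pm_cert" = "$pm_key" ]
}

# Print every required TLS directive that has no correctly spelled,
# uncommented line in nginx config file $1.
missing_tls_directives() {
    for mtd_name in ssl_certificate ssl_certificate_key; do
        grep -Eq "^[[:space:]]*${mtd_name}[[:space:]]+[^;]+;" "$1" \
            || echo "$mtd_name"
    done
}

# Usage: sh check_tls.sh <cert.crt> <key.key> <nginx-site.conf>
if [ "$#" -eq 3 ]; then
    status=0
    if pair_matches "$1" "$2"; then
        echo "OK: certificate and key match"
    else
        echo "FAIL: certificate and key do not match or cannot be read"
        status=1
    fi
    missing=$(missing_tls_directives "$3")
    if [ -n "$missing" ]; then
        echo "FAIL: missing directive(s):" $missing
        status=1
    fi
    exit "$status"
fi
```

Run it with the certificate, key and site file as arguments before restarting nginx; a non-zero exit status means one of the checks failed.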