Certbot で SSL を有効にした後、HTTPS 経由でサーバーにアクセスできない問題を解決するには、どのような手順を実行すればよいですか?

この問題の診断と解決について支援を求めています。Certbot で SSL を有効にした後、HTTPS 経由でサーバーにアクセスできない原因をトラブルシューティングするには、どのような手順を実行すればよいでしょうか。よくある落とし穴や見逃している可能性のある構成設定はありますか。

この SSL 問題を解決するためのご助力やご指導をいただければ幸いです。

私はこのコマンドcertbotコマンドsudo certbot --nginxを使用しましたが、構文は成功しました。certbotコマンドの後、サーバーにアクセスできません。httpでは機能しますが、httpsでは機能しません。

これは、sites-available .file name default の下のファイルです。

# Default server configuration
server {
        #listen 443;
        #listen [::]:443;
        # SSL configuration
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        # Note: You should disable gzip for SSL traffic.
        # See: https://bugs.debian.org/773332
        # Read up on ssl_ciphers to ensure a secure configuration.
        # See: https://bugs.debian.org/765782
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        # include snippets/snakeoil.conf;

        root /var/www/html/waste-management-dev/public;

        # Add index.php to the list if you are using PHP
        index index.php;

        server_name yourdomain.in;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                #try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args;


        # pass PHP scripts to FastCGI server
        location ~ \.php$ {
                  try_files $uri =404;
             fastcgi_split_path_info ^(.+\.php)(/.+)$;
             include fastcgi_params;
             fastcgi_pass unix:/run/php/php7.4-fpm.sock;
             fastcgi_index index.php;
             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
             #fastcgi_param SCRIPT_NAME $fastcgi_script_name;
             #include fastcgi_params;

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #location ~ /\.ht {
        #       deny all;

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/yourserver.in/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/yourserver.in/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


server {
    if ($host = yourserver.in) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

        listen 80 default_server;
        listen [::]:80 default_server;

        server_name myserver;
    return 404; # managed by Certbot




server {
        listen 80 default_server;
        listen [::]:80 default_server;
        root /var/www/html;
        index index.html index.htm index.nginx-debian.html;

        server_name _;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;

        # pass PHP scripts to FastCGI server
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
        #       # With php-fpm (or other unix sockets):
                fastcgi_pass unix:/run/php/php-fpm.sock;
        #       # With php-cgi (or other tcp sockets):
        #       fastcgi_pass;
      location ~ \.cgi$ {
                gzip off;
                include fastcgi.conf;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_pass unix:/var/run/fcgiwrap.socket;

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        location ~ /\.ht {
                deny all;


#### NEW FILE !!!!!!
#### /etc/nginx/sites-enabled/unwaste.in 
##start file

server {
        server_name unwaste.in;
        listen 80;
        return 307 https://$host$request_uri;

server {
# enable http2 support - if module if avaible
        listen 443 ssl http2;
        listen [::]:443 ssl http2;

# enable http1.1 support - if module if avaible
#        listen 443 ssl;
#        listen [::]:443 ssl;
        root /var/www/html/waste-management-dev/public;

        # Add index.php to the list if you are using PHP
        index index.php;

        server_name unwaste.in;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                #try_files $uri $uri/ =404;
                try_files $uri $uri/ /index.php?q=$uri&$args;


        # pass PHP scripts to FastCGI server
        location ~ \.php$ {
                  try_files $uri =404;
             fastcgi_split_path_info ^(.+\.php)(/.+)$;
             include fastcgi_params;
             fastcgi_pass unix:/run/php/php7.4-fpm.sock;
             fastcgi_index index.php;
             fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
             #fastcgi_param SCRIPT_NAME $fastcgi_script_name;
             #include fastcgi_params;

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        location ~ /\.ht {
               deny all;

    ssl_certificate /etc/letsencrypt/live/unwaste.in/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/unwaste.in/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



/etc/nginx/sites-enabled は複数のファイルを使用できるので、そのようにする必要があり、nginx.conf には触れないでください。Ubuntu などのほとんどの Debian ベースのシステムでは、同様の動作になります。

ファイルがロードされない場合は、nginx の最後で以下を実行する必要があります。

        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

そして、まずは反対票を投じるのではなく、議論してください。ありがとうございます ;)
