Can't access newly installed Nextcloud on port 443

Dear all

I just did a fresh installation of Nextcloud (nextcloud-snap) on my Ubuntu 20.04 server. Port 80 and 443 are open in my router and are not blocked by my ISP.

I then proceeded to enable HTTPS with a Let’s Encrypt certificate (sudo snap nextcloud.enable-https lets-encrypt).

I can access the server fine on the local IP from LAN (although with a cert warning). Before enabling HTTPS, I could access it fine on port 80. However, when I now try to access via HTTPS, I get connection refused:

curl https://cloud.martinlauridsen.info
curl: (7) Failed to connect to cloud.martinlauridsen.info port 443: Connection refused

This is the output of netstat:

netstat -pnltu
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      -                   
tcp6       0      0 :::80                   :::*                    LISTEN      -                   
tcp6       0      0 :::22                   :::*                    LISTEN      -                   
tcp6       0      0 ::1:631                 :::*                    LISTEN      -                   
tcp6       0      0 :::443                  :::*                    LISTEN      -                   
tcp6       0      0 :::110                  :::*                    LISTEN      -                   
udp        0      0 127.0.0.53:53           0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:631             0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:34359           0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -                   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           -                   
udp6       0      0 :::1194                 :::*                                -                   
udp6       0      0 :::53012                :::*                                -                   
udp6       0      0 :::5353                 :::*                                -                   
udp6       0      0 :::5353                 :::*                                -  

And this is from nmap:

Starting Nmap 7.60 ( https://nmap.org ) at 2021-08-12 21:55 CEST
Nmap scan report for cloud.martinlauridsen.info (87.61.93.167)
Host is up (0.010s latency).
rDNS record for 87.61.93.167: 0x573d5da7.static.cust.fastspeed.dk
Not shown: 998 filtered ports
PORT    STATE  SERVICE
80/tcp  open   http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 4.97 seconds

Did you check your firewall?

ufw is disabled in Ubuntu, and the ports are open in the router. I’m not sure what other firewall there might be. I’ve asked my ISP who says the port is not blocked.

Since nmap says port 443 is closed it’s rather sure that it is so.
You can do a

sudo iptables -S|grep 443

Maybe you will see more.

The command you suggest shows no output. Furthermore, according to nmap documentation, STATE=CLOSED means that the port is accessible, but “there is no application listening on it”.