I’m trying to set CloudFlare Crypto option to Full (strict). I have generated and uploaded the pem and key files in the droplet, in the /etc/nginx/ssl folder, set up nginx to use SSL, but can’t get it to work properly. Nginx test is ok, permissions on key and pem files and folders seems ok too, but I got an error “522 host error” when trying to reach the website with https . If I set the SSL option to Flexible, everything works fine, so it’s not an error due to installed website.
The server is an Ubuntu 16.04 on a DigitalOcean droplet.
I followed this https://serverfault.com/questions/259302/best-location-for-ssl-certificate-and-private-keys-on-ubuntu (second answer), with root as group and owner instead of ssl-cert.
As I d’ont see errors in the log file I don’t know where is the mistake I’ve made, so I’m open to any idea.