Let's Encrypt Nginx
All the commands that I use for Let's Encrypt
Install Certbot
sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx
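Troubleshoot installing Certbot
On Ubuntu 20.04, this error is shown:
The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu focal Release' does not have a Release file.
For now, use this one-liner. It pipes a third-party script from GitHub straight into bash, so read install.sh before running it: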
curl -o- https://raw.githubusercontent.com/vinyll/certbot-install/master/install.sh | bash
Troubleshoot "Nginx is unable to bind to 443 / 80" after applying certbot
sudo fuser -k 80/tcp
The python-certbot-nginx package is deprecated on 20.04; install the python3 package instead:
sudo apt-get install python3-certbot-nginx
Process Certbot Domain
sudo certbot --nginx -d example.com -d www.example.com
sudo certbot renew --dry-run
Check all certificates
sudo certbot certificates
Adding a subdomain to an existing certificate
Let's say you've already run this:
sudo certbot --nginx -d example.com -d www.example.com
Then just run it again with the new subdomain added:
sudo certbot --nginx -d example.com -d www.example.com -d second.example.com
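To avoid leaving a name off by hand when re-running the command, the -d list can be built from what `certbot certificates` reports. This is an added example, not part of the original notes; the function names cert_domains and build_expand_cmd and the sample listing are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes). Function names are assumptions.

# Constructed sample of `sudo certbot certificates` output, trimmed to the
# fields used here (not real data).
SAMPLE_OUTPUT='Found the following certs:
  Certificate Name: example.com
    Domains: example.com www.example.com
    Expiry Date: 2030-01-01 00:00:00+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/example.com/fullchain.pem
  Certificate Name: other.test
    Domains: other.test
'

# cert_domains NAME: read `certbot certificates` output on stdin and print
# the names on the "Domains:" line of certificate NAME, one per line.
cert_domains() {
  awk -v want="$1" '
    $1 == "Certificate" && $2 == "Name:" { current = $3 }
    $1 == "Domains:" && current == want { for (i = 2; i <= NF; i++) print $i }
  '
}

# build_expand_cmd NAME NEW...: read the same listing on stdin and print the
# certbot command that keeps every existing name and appends the new ones,
# skipping duplicates. Exits non-zero if NAME is not in the listing.
# The body is a subshell, so its variables and `set -f` stay local.
build_expand_cmd() (
  name="$1"; shift
  set -f                      # do not glob-expand names such as *.example.com
  existing="$(cert_domains "$name")"
  [ -n "$existing" ] || { echo "no certificate named $name" >&2; exit 1; }
  cmd="sudo certbot --nginx"
  seen=" "
  for d in $existing "$@"; do
    case "$seen" in *" $d "*) continue ;; esac
    seen="$seen$d "
    cmd="$cmd -d $d"
  done
  printf '%s\n' "$cmd"
)

# Demo on the constructed sample; on a real host, pipe in
# `sudo certbot certificates` instead of SAMPLE_OUTPUT.
printf '%s' "$SAMPLE_OUTPUT" |
  build_expand_cmd example.com second.example.com www.example.com
```

The script only prints the command; review it and run it yourself.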
Delete certificate
sudo certbot delete --cert-name example.com
Troubleshooting
Certbot renew error – Invalid response from
- Try creating .well-known/acme-challenge/test.html and opening it in a browser; if it loads, try the renewal again.
- Try stopping nginx and starting it again: not a reload, but a full stop followed by a start.
certbot no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking
This happens when you want your non-www / www redirect to be added using certbot:
server {
    listen 443 default_server; # add default_server, not ssl
    server_name linkfil.io;
    return 301 https://www.linkfil.io$request_uri;
    ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem; # managed by Certbot
}
Also try turning off the proxy if you're using Cloudflare.
Worth a look
- /etc/letsencrypt/archive
- /etc/letsencrypt/live
- /etc/letsencrypt/renewal