I switched from
certbot after receiving a fine e-mail that said I had to move away from TLS-SNI-01. Even though I don’t have any active domains that use this method - I only had one that is currently running out as apparently I’m too lazy to revoke it, I decided to change nonetheless.
I then proceeded to follow this guide: How to stop using TLS-SNI-01 with Certbot
Everything went smoothly; however, I haven’t removed letsencrypt from my server yet.
I then proceeded to make a new certificate for a new Mastodon instance that I plan to run. The guide mentioned that I could use the nginx-plugin, so I installed that along with
For my new certificate I then ran this command:
$ certbot --nginx certonly --rsa-key-size 4096 -d domain
where domain is irrelevant in this context. Again, everything went smoothly, but I noticed that I was asked if I wanted to redirect http to https. I chose n, as I’m used to handling this in my nginx configs.
After making the new nginx config file, inserting the paths for the new certificate, I then notice something odd that I’ve never seen before when handling nginx configs - unless I broke something myself. I get the error
nginx: [warn] conflicting server name "domain" on 0.0.0.0:443, ignored
when I run
$ nginx -t
to check for syntax errors. I’ve quadruple checked the config and I don’t have server_name more than once in the two server-blocks I have - one for :80 that redirects to :443 as per usual.
I now also notice that no matter what I set the root to in my nginx config for this domain, I get a 404.
So I’m wondering if certbot does something different compared to letsencrypt and places a broken nginx config file somewhere? I can’t see anything included in the default nginx.conf, or any of the other nginx configs I have.
This is really annoying. I hope you guys can help.
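One way to track down the "conflicting server name" warning quoted above, as an added example that is not part of the original post: nginx prints it when two server blocks declare the same server_name on the same listen address, and the block it ignores never serves requests. The script scans a configuration dump in the layout printed by `nginx -T`; the file names, the domain and the helper names are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample in the layout `nginx -T` prints (file names and domain are made up).
SAMPLE_DUMP = """\
# configuration file /etc/nginx/sites-enabled/default:
server {
    listen 443 ssl;
    server_name social.example.org;
}
# configuration file /etc/nginx/sites-enabled/mastodon:
server {
    listen 80;
    server_name social.example.org;
}
server {
    listen 443 ssl;
    server_name social.example.org;
    location / { root /home/mastodon/live/public; }
}
"""
FILE_HDR = re.compile(r"^# configuration file (.+):$")

def listen_addr(value):  # "443 ssl" -> "0.0.0.0:443", the form used in nginx's warning
    addr = value.split()[0]
    return "0.0.0.0:" + addr if addr.isdigit() else addr.replace("*:", "0.0.0.0:", 1)

def find_conflicts(dump):
    """Map (address:port, server_name) to the files declaring it in more than one server block."""
    seen, current_file, depth, block = defaultdict(list), "?", 0, None
    for raw in dump.splitlines():
        hdr = FILE_HDR.match(raw)
        if hdr:
            current_file = hdr.group(1)
            continue
        line = raw.split("#", 1)[0].strip()
        if block is None and re.match(r"server\s*\{", line):
            block = {"file": current_file, "addrs": [], "names": [], "outer": depth}
        elif block is not None and depth == block["outer"] + 1:
            m = re.match(r"(listen|server_name)\s+(.+?);", line)
            if m and m.group(1) == "listen":
                block["addrs"].append(listen_addr(m.group(2)))
            elif m:
                block["names"] += m.group(2).split()
        depth += line.count("{") - line.count("}")
        if block is not None and depth == block["outer"]:  # block closed; no listen means port 80
            for key in [(a, n) for a in block["addrs"] or ["0.0.0.0:80"] for n in block["names"]]:
                seen[key].append(block["file"])
            block = None
    return {k: v for k, v in seen.items() if len(v) > 1}
```

On a server, pass the text captured from `nginx -T` to `find_conflicts` instead of the sample; each key in the result is an address and name pair, and the value lists the files that declare it.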