Accidentally Deleted SSL Certificate

I was trying to delete my certificate on my website and get a new one. I deleted the certbot that was already installed and tried to reinstall it again and when I go to check to see the certificate existence it keeps telling me that sudo ls /etc/letsencrypt/live no such file or directory exists.

My domain is: https://filehb.tech/

I ran this command: sudo certbot --nginx

It produced this output:
ln: missing file operand
Try 'ln --help' for more information.
root@Omnihost:~# sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/filehb.tech/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/filehb.tech/fullchain.pem, r) error:10000080:BIO routines::no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 22.04.3

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): Don't know

The problem you are seeing is that certbot can't update the linked file references because the source file doesn't exist anymore, and nginx can't load because your current configuration in /etc/nginx/nginx.conf references a file that doesn't exist any more (or a link to that missing file).

I'm not a certbot expert but I would suggest running certbot delete to clean up the broken certificate, then run certbot again to get and install a new certificate. If the problem persists you may need to edit your nginx config to remove/update references to the missing certificate files.

For more info refer to User Guide — Certbot 2.10.0 documentation

1 Like
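The failure described in the answer above (an nginx config that still points at certificate files which no longer exist) can be located with a short check. This is an added example, not part of the original thread and not Certbot's or nginx's own tooling; the function name `missing_cert_refs` is made up for illustration.

```shell
#!/bin/sh
# Added example: list every active ssl_* file directive under an nginx config
# tree whose target file is missing.
# Output format: <config file>:<line number>:<directive>:<missing path>
missing_cert_refs() {
    conf_root=${1:-/etc/nginx}
    # -R follows symlinks (sites-enabled entries are normally symlinks).
    # The pattern only matches lines that start with the directive, so
    # commented-out directives are skipped.
    grep -RnE '^[[:space:]]*ssl_(certificate|certificate_key|trusted_certificate|dhparam)[[:space:]]' \
        "$conf_root" 2>/dev/null |
    while IFS=: read -r file lineno text; do
        # text looks like: "  ssl_certificate /path/fullchain.pem; # managed by Certbot"
        directive=$(printf '%s\n' "$text" | awk '{print $1}')
        path=$(printf '%s\n' "$text" | awk '{sub(/;.*/, "", $2); print $2}')
        case $path in
            /*) ;;                        # absolute path: use as-is
            *)  path=$conf_root/$path ;;  # relative paths are taken from the config directory
        esac
        # -e follows symlinks, so a dangling live/ -> archive/ link counts as missing
        [ -e "$path" ] || printf '%s:%s:%s:%s\n' "$file" "$lineno" "$directive" "$path"
    done
}

# Usage on the server: missing_cert_refs /etc/nginx
```

Each line of output names the config file and line to edit (or the file Certbot has to recreate) before `nginx -t` can pass.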

I tried deleting certbot and redownloading it, same issue. How do I edit my nginx config? This is my first time really doing this.

If this is for a business I would suggest getting advice from a local web development company to help as there is a reasonable amount of stuff to learn.

1 Like

This is for a school project

Use your favorite text editing tool to edit the file /etc/nginx/nginx.conf.

3 Likes

Cool, I'm not the best person to teach you how to use linux I'm afraid. Personally I use nano to edit files on Ubuntu but you generally need to look at the nginx config file and understand what the configuration is telling it to do. The location of your nginx config file is plainly stated in your original post.

Take your time and break the problem into smaller parts. I would suggest you start by trying sudo certbot delete --cert-name filehb.tech to clean up your invalid certbot config, unless that option isn't working, then start again with a new certificate configuration.

3 Likes

This is my configuration file. What exactly am I supposed to do?

worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
       worker_connections 768;
       # multi_accept on;
}

http {

       ##
       # Basic Settings
       ##

       sendfile on;
       tcp_nopush on;
       types_hash_max_size 2048;
       # server_tokens off;

       # server_names_hash_bucket_size 64;
       # server_name_in_redirect off;

       include /etc/nginx/mime.types;
       default_type application/octet-stream;

       ##
       # SSL Settings
       ##

       ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
       ssl_prefer_server_ciphers on;

       ##
       # Logging Settings
       ##

       access_log /var/log/nginx/access.log;
       error_log /var/log/nginx/error.log;

       ##
       # Gzip Settings
       ##

       gzip on;

       # gzip_vary on;
       # gzip_proxied any;
       # gzip_comp_level 6;
       # gzip_buffers 16 8k;
       # gzip_http_version 1.1;
       # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

       ##
       # Virtual Host Configs
       ##

       include /etc/nginx/conf.d/*.conf;
       include /etc/nginx/sites-enabled/*;
}


#mail {
#       # See sample authentication script at:
#       # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
#       # auth_http localhost/auth.php;
#       # pop3_capabilities "TOP" "USER";
#       # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
#       server {
#               listen     localhost:110;
#               protocol   pop3;
#               proxy      on;
#       }
#
#       server {
#               listen     localhost:143;
#               protocol   imap;
#               proxy      on;
#       }

Did you happen to create a site there? If so, Certbot may have edited it when you previously enabled HTTPS. Can you check whether there are any configuration files present in that directory?

2 Likes

/etc/nginx/sites-enabled/default

# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# https://www.nginx.com/resources/wiki/start/
# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
# https://wiki.debian.org/Nginx/DirectoryStructure
#
# In most cases, administrators will remove this file from sites-enabled/ and
# leave it as reference inside of sites-available where it will continue to be
# updated by the nginx packaging team.
#
# This file will automatically load configuration files provided by other
# applications, such as Drupal or Wordpress. These applications will be made
# available underneath a path with that package name, such as /drupal8.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

# Default server configuration
#
server {
       listen 80 default_server;
       listen [::]:80 default_server;

       # SSL configuration
       #
       # listen 443 ssl default_server;
       # listen [::]:443 ssl default_server;
       #
       # Note: You should disable gzip for SSL traffic.
       # See: https://bugs.debian.org/773332
       #
       # Read up on ssl_ciphers to ensure a secure configuration.
       # See: https://bugs.debian.org/765782
       #
       # Self signed certs generated by the ssl-cert package
       # Don't use them in a production server!
       #
       # include snippets/snakeoil.conf;

       root /var/www/html;

       # Add index.php to the list if you are using PHP
       index index.html index.htm index.nginx-debian.html;

       server_name _;

       location / {
               # First attempt to serve request as file, then
               # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ =404;
       }

       # pass PHP scripts to FastCGI server
       #
       #location ~ \.php$ {
       #       include snippets/fastcgi-php.conf;
       #
       #       # With php-fpm (or other unix sockets):
       #       fastcgi_pass unix:/run/php/php7.4-fpm.sock;
       #       # With php-cgi (or other tcp sockets):
       #       fastcgi_pass 127.0.0.1:9000;
       #}

       # deny access to .htaccess files, if Apache's document root
       # concurs with nginx's one
       #
       #location ~ /\.ht {
       #       deny all;
       #}
}


# Virtual Host configuration for example.com
#
# You can move that to a different file under sites-available/ and symlink that
# to sites-enabled/ to enable it.
#
#server {
#       listen 80;
#       listen [::]:80;
#
#       server_name example.com;
#
#       root /var/www/example.com;
#       index index.html;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}

server {

       # SSL configuration
       #
       # listen 443 ssl default_server;
       # listen [::]:443 ssl default_server;
       #
       # Note: You should disable gzip for SSL traffic.
       # See: https://bugs.debian.org/773332
       #
       # Read up on ssl_ciphers to ensure a secure configuration.
       # See: https://bugs.debian.org/765782
       #
       # Self signed certs generated by the ssl-cert package
       # Don't use them in a production server!
       #
       # include snippets/snakeoil.conf;

       root /var/www/html;

       # Add index.php to the list if you are using PHP
       index index.html index.htm index.nginx-debian.html;
   server_name www.filehb.tech filehb.tech; # managed by Certbot


       location / {
               # First attempt to serve request as file, then
               # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ =404;
       }

       # pass PHP scripts to FastCGI server
       #
       #location ~ \.php$ {
       #       include snippets/fastcgi-php.conf;
       #
       #       # With php-fpm (or other unix sockets):
       #       fastcgi_pass unix:/run/php/php7.4-fpm.sock;
       #       # With php-cgi (or other tcp sockets):
       #       fastcgi_pass 127.0.0.1:9000;
       #}

       # deny access to .htaccess files, if Apache's document root
       # concurs with nginx's one
       #
       #location ~ /\.ht {
       #       deny all;
       #}


   listen [::]:443 ssl ipv6only=on; # managed by Certbot
   listen 443 ssl; # managed by Certbot
   ssl_certificate /etc/letsencrypt/live/filehb.tech/fullchain.pem; # managed by Certbot
   ssl_certificate_key /etc/letsencrypt/live/filehb.tech/privkey.pem; # managed by Certbot
   include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
   ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot



}
server {
   if ($host = www.filehb.tech) {
       return 301 https://$host$request_uri;
   } # managed by Certbot


   if ($host = filehb.tech) {
       return 301 https://$host$request_uri;
   } # managed by Certbot
  
   listen 80 ;
       listen [::]:80 ;
   server_name www.filehb.tech filehb.tech;
   return 404; # managed by Certbot




}

Tip: when pasting configuration or code to the forum use three backticks ``` before and after the code block so that it gets formatted properly [you can also go back and edit your existing posts to fix formatting problems, this helps people read your response and make it more likely they can help you]

2 Likes

As this is for a school project, my advice would be to walk through the entire nginx configuration file, line by line, and learn to understand every single directive: what does it do? Usually using the nginx documentation works fine for this. And yes, this might take some time, but in the end, you'll learn a lot.

Next is to use everything you've learned and look at the exact error produced by Certbot. And figure out WHY Certbot is complaining. Hint: it's not just Certbot that's complaining, your nginx is complaining too on its own.

4 Likes

I don't have time and would prefer guidance on how to fix this if possible. After the issue is fixed I would like to go back and learn everything without any worries

@DepressionCherry your Ports 80 & 443 are CLOSED, I suggest Opening them.

$ nmap -Pn -p80,443 filehb.tech
Starting Nmap 7.80 ( https://nmap.org ) at 2024-04-16 20:06 UTC
Nmap scan report for filehb.tech (143.198.153.174)
Host is up (0.025s latency).

PORT    STATE  SERVICE
80/tcp  closed http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.20 seconds

1 Like

It looks like it's already open. I run the command and it shows this:
root@Omnihost:~# sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                            Action      From

80,443/tcp (Nginx Full)       ALLOW IN    Anywhere
22/tcp (OpenSSH)              ALLOW IN    Anywhere
443                           ALLOW IN    Anywhere
5000                          ALLOW IN    Anywhere
5002                          ALLOW IN    Anywhere
80,443/tcp (Nginx Full (v6))  ALLOW IN    Anywhere (v6)
22/tcp (OpenSSH (v6))         ALLOW IN    Anywhere (v6)
443 (v6)                      ALLOW IN    Anywhere (v6)
5000 (v6)                     ALLOW IN    Anywhere (v6)
5002 (v6)                     ALLOW IN    Anywhere (v6)

@DepressionCherry

From around the world shows "Connection refused". :frowning:
http Permanent link to this check report
https Permanent link to this check report

2 Likes

For general nginx information you might find nginx documentation and https://forum.nginx.org/ helpful.

1 Like

You don't think it has something to do with this error?
root@Omnihost:~# tail /var/log/letsencrypt/letsencrypt.log
2024-04-16 19:52:16,307:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: EntryPoint(name='nginx', value='certbot_nginx._internal.configurator:NginxConfigurator', group='certbot.plugins')
Initialized: <certbot_nginx._internal.configurator.NginxConfigurator object at 0x7fa7dfb84be0>
Prep: Error while running nginx -c /etc/nginx/nginx.conf -t.

nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/filehb.tech/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/filehb.tech/fullchain.pem, r) error:10000080:BIO routines::no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed

Like does, please show the output of sudo nginx -T (that is an uppercase T)

1 Like

root@Omnihost:~# sudo nginx -T
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/filehb.tech/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/filehb.tech/fullchain.pem, r) error:10000080:BIO routines::no such file)
nginx: configuration file /etc/nginx/nginx.conf test failed