Cannot renew certs when redirecting http to https

schoen · April 24, 2017, 8:59pm

I think so. It’s possible that the {} block did not actually prevent the subsequent block from applying; I don’t know enough about Nginx configuration to know whether more than one location block can apply to the same request or not.

The Let’s Encrypt CA is actually willing to follow a 301 redirect in this case (which is often useful), but that might not be relevant to your debugging here.

In order to pass the authentication challenge, Certbot needs to be able to create text files in the webroot location specified in /etc/letsencrypt/renewal/www.mydomain.com.conf, within the subdirectory .well-known/acme-challenge and then have those files be visible to the public via HTTP under http://www.mydomain.com/.well-known/acme-challenge/.

chrisco23 · April 24, 2017, 9:25pm

In desperation, I temporarily changed the top server block to respond to www.mydomain.com instead of mydomain.com, then did the renew, then changed it back again.

Obviously this is not a permanent solution but just enough to get the site back online.

sahsanu · May 12, 2018, 1:36pm

A post was split to a new topic: Problem validating domain (TLD app)

Topic		Replies	Views
Can't renew certificate Help	9	170	October 31, 2024
Certificate won't renew (I think due to the server forcing views to https with outdated cert) Help	25	597	December 25, 2023
Unable to renew LetsEncrypt certificate (HTTP-01 challenge failed) Help	6	1121	April 11, 2024
Renew failure after moving server Help	4	987	August 3, 2018
Can't renew certificate (probably due to https redirect) Help	7	4912	February 20, 2018

Cannot renew certs when redirecting http to https

Related topics