Can't create a certificate

Help
1

My domain is:

I ran this command:
certbot certonly --webroot -w /var/www/html/ -d my.server.de -m mail@address.de --agree-tos

It produced this output:
Connection refused

To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address…

My web server is (include version):
Nginx 1.14.2

The operating system my web server runs on is (include version):
raspbian buster

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):
yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
certbot 0.31.0

I use a FritzBox and port forwarding for 80 and 443 is activated. DynDNS works, I have access to an other computer using a different port. If I check ports 80 and 443 with a port scanner, they are closed.

nginx: configuration file /etc/nginx/nginx.conf test failed
nginx.service: Control process exited, code=exited status=1

nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/") failed (SSL: error:02001002:system library:fopen:No such file or directory

It seems Nginx dosen’t work:

service nginx status

  • nginx.service - A high performance web server and a reverse proxy server
    Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
    Active: failed (Result: exit-code) since Sun 2019-08-18 18:40:56 CEST; 56min ago
    Docs: man:nginx(8)
    Process: 591 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)

Starting A high performance web server and a reverse proxy server…
nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/my.server.de/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen(’
nginx: configuration file /etc/nginx/nginx.conf test failed
nginx.service: Control process exited, code=exited, status=1/FAILURE
nginx.service: Failed with result ‘exit-code’.
Failed to start A high performance web server and a reverse proxy server.

Is it necessary that Nginx works when I try to get a certificate?

2

I solved it. I had to repair Nginx conf. As Nginx was started, I could generate a certificate

3

Yes.
It looks like you've tried to use the cert before obtaining it.

4

Hi @Blaubart

it is required if you use http-01 validation with a running webserver (instead of --standalone).

If you use a client that starts an own webserver, it's not required. Same, if you use dns-01 validation.

Check

5

Thanks for your answer!!

6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.