I bumped into this problem with Certbot, using `certbot -d domain.com --nginx`, using the latest Alpine Linux:
nginx: [emerg] a duplicate listen 0.0.0.0:443 in /etc/nginx/http.d/config.conf
I found one topic here and saw no answer with a solution, so I'd like to post one.
The problem was with Certbot. It didn't like that I had already included `listen 443;` in the server block.
So when Certbot adds one to the block, Nginx gets it twice.
So before running Certbot, remove all `listen 443;` lines.
Feature request would be:
Detect whether the config file already contains a `listen 443;` and then replace it, not append.
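The pre-flight check suggested in the post above, as an added example that is not part of the original post and is not Certbot's or nginx's own code: it scans configuration text and reports any address:port that one server block lists more than once, which is the condition behind `a duplicate listen`. The function names and the sample configuration are constructed for illustration; the comparison is textual and does not follow `include` directives.

```python
import re
from collections import Counter

# Constructed sample: a server block that already contained "listen 443;"
# when a second listen line for the same port was appended to it.
SAMPLE = """
server {
    server_name domain.com;
    listen 80;
    listen 443;
    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
}
server {
    server_name other.example;
    listen 443 ssl;
}
"""

def normalise(arg):
    """Map the first argument of a listen directive to 'address:port'."""
    if arg.startswith("unix:"):
        return arg
    if arg.isdigit():                    # port only means all IPv4 addresses
        return "0.0.0.0:" + arg
    if arg.startswith("*:"):
        return "0.0.0.0:" + arg[2:]
    if re.fullmatch(r".*:\d+", arg):     # address:port, including [v6]:port
        return arg
    return arg + ":80"                   # bare address, default port 80

def duplicate_listens(conf):
    """Return (server_index, 'address:port') pairs repeated in one server block."""
    conf = re.sub(r"#[^\n]*", "", conf)  # strip comments (quoted '#' not handled)
    stack, seen = [], []                 # open block names; one Counter per server
    for text, delim in re.findall(r"([^{};]*)([{};])", conf):
        words = text.split()
        if delim == "{":
            stack.append(words[0] if words else "")
            if stack[-1] == "server":
                seen.append(Counter())
        elif delim == "}" and stack:
            stack.pop()
        elif len(words) > 1 and words[0] == "listen" and stack[-1:] == ["server"]:
            seen[-1][normalise(words[1])] += 1
    return [(i, a) for i, c in enumerate(seen) for a, n in c.items() if n > 1]

if __name__ == "__main__":
    print(duplicate_listens(SAMPLE))
```

The second server block in the sample shares port 443 with the first and is not reported, because only repeats inside the same block are counted.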
You should include the version of `certbot` used and the command string run.
Which version of Certbot and the `certbot-nginx` plugin are we talking about?
What version of `nginx` [uses that path]?
Also, please share the `sudo nginx -T` output before and after Certbot did its thing. I'm not that familiar with Certbot and nginx, but with Apache, Certbot adds a new virtualhost. It would make sense for Certbot to generate a new server block for HTTPS entirely with nginx too, but I'm not sure about that.
It's quite clever. It reads the server blocks already present, finds the appropriate one for the domain given and appends SSL certs to the end of the block.
Sometimes it rewrites some configuration, that's annoying, but yes, it works.
certbot is v1.27.0 on Alpine Linux v3.16.3, Nginx is 1.22.1
`sudo certbot -d jancsi.cz` and `sudo certbot install -d jancsi.cz` then
You are using the HTTP-01 Challenge which requires Port 80
Best Practice - Keep Port 80 Open
Let's Debug is showing AAAANotWorking ERROR https://letsdebug.net/jancsi.cz/1354397; Port 80 needs to be open on IPv6 as well.
Also SSL Server Test: jancsi.cz (Powered by Qualys SSL Labs) "Unable to connect to the server" to the IPv6 Address.
However here is a list of issued certificates crt.sh | jancsi.cz, the latest one being 2023-01-29.