Certbot certificates

scooter1 · February 11, 2018, 7:39am

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:batcavelounge.eu

I ran this command:sudo certbot --nginx -d batcavelounge.eu -d www.batcavelounge.eu

It produced this output: Could not automatically find a matching server block. Set the server_name directive to use the Nginx installer.

My web server is (include version):Nginx 4.2

The operating system my web server runs on is (include version):Linux Ubuntu 14.04 server

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no

_az · February 11, 2018, 10:10am

Can you show your nginx configuration?

nginx -T

scooter1 · February 11, 2018, 4:33pm

Its all good it found it, but when i tried to disable ssl3 and added a line i get this from your request with nginx -t

:/etc/nginx/sites-enabled$ sudo nginx -t
nginx: [warn] duplicate value “TLSv1” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: [warn] duplicate value “TLSv1.1” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: [warn] duplicate value “TLSv1.2” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfu

schoen · February 12, 2018, 5:44pm

This is probably because it’s including a file options-ssl-nginx.conf, which already declares such a line.

scooter1 · February 13, 2018, 3:53am

So i should not worry about it ?

schoen · February 13, 2018, 5:18am

Yes, I believe you don’t have to do it because Certbot is already doing it for you.

dvo · March 13, 2018, 10:49pm

I’ve hit the same issue twice now, under similar circumstances.

Let me first state that I have done a thing regarding options-ssl-nginx.conf- no create or edit. Not having a clue to its function, I have no way of invoking it.

But the circumstance of this arising are eerily similar (I have no hard proof as I was not expecting this to happen).

have many server names to handle (19 total).
did an initial certificate with a sub-set of an inital group of 15. Had to set server_names_hash_bucket_size 512;
built up this subset a couple of times.
later as a couple of other domain DNS entries percolated, tried to add another two, and the error arose.

Any clues to look for?

schoen · March 13, 2018, 10:53pm

The error you see is also this one?

Could not automatically find a matching server block. Set the server_name directive to use the Nginx installer.

dvo · March 13, 2018, 11:35pm

That is correct;

I have little idea how to set server_name directive. I don’t understand why it initially works, Certbot then generates its own block
server_name [...].net; # managed by Certbot then complains…

schoen · March 13, 2018, 11:43pm

Could you show the output of nginx -T as suggested by @_az above?

Edit: Also, what version of Certbot are you running?

dvo · March 13, 2018, 11:49pm

yes, file enclosednginxT.txt (10.7 KB)
.

I am not certain how to extract that version. a sudo certbot -v gave unexpected result, but had interesting snippet
certbot==0.21.1

Basically this was installed today.

schoen · March 13, 2018, 11:50pm

Thanks, and could you also provide a log from /var/log/letsencrypt corresponding to a time when the error occurred?

dvo · March 13, 2018, 11:54pm

And here it is. Very recent. ran it about an hour ago.

letsencrypt_log.txt (5.1 KB)

dvo · March 15, 2018, 11:32pm

Anything of use in the log?

system · April 14, 2018, 11:32pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.