Certbot certificates


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:batcavelounge.eu

I ran this command:sudo certbot --nginx -d batcavelounge.eu -d www.batcavelounge.eu

It produced this output: Could not automatically find a matching server block. Set the server_name directive to use the Nginx installer.

My web server is (include version):Nginx 4.2

The operating system my web server runs on is (include version):Linux Ubuntu 14.04 server

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):no


#2

Can you show your nginx configuration?

nginx -T

#3

Its all good :slight_smile: it found it, but when i tried to disable ssl3 and added a line i get this from your request with nginx -t

:/etc/nginx/sites-enabled$ sudo nginx -t
nginx: [warn] duplicate value “TLSv1” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: [warn] duplicate value “TLSv1.1” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: [warn] duplicate value “TLSv1.2” in /etc/nginx/sites-enabled/batcavelounge.eu:100
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successfu


#4

This is probably because it’s including a file options-ssl-nginx.conf, which already declares such a line.


#5

So i should not worry about it ?


#6

Yes, I believe you don’t have to do it because Certbot is already doing it for you.


#7

I’ve hit the same issue twice now, under similar circumstances.

Let me first state that I have done a thing regarding options-ssl-nginx.conf- no create or edit. Not having a clue to its function, I have no way of invoking it.

But the circumstance of this arising are eerily similar (I have no hard proof as I was not expecting this to happen).

  • have many server names to handle (19 total).
  • did an initial certificate with a sub-set of an inital group of 15. Had to set server_names_hash_bucket_size 512;
  • built up this subset a couple of times.
  • later as a couple of other domain DNS entries percolated, tried to add another two, and the error arose.

Any clues to look for?


#8

The error you see is also this one?

Could not automatically find a matching server block. Set the server_name directive to use the Nginx installer.


#9

That is correct;

I have little idea how to set server_name directive. I don’t understand why it initially works, Certbot then generates its own block
server_name [...].net; # managed by Certbot then complains…


#10

Could you show the output of nginx -T as suggested by @_az above?

Edit: Also, what version of Certbot are you running?


#11

yes, file enclosednginxT.txt (10.7 KB)
.

I am not certain how to extract that version. a sudo certbot -v gave unexpected result, but had interesting snippet
certbot==0.21.1

Basically this was installed today.


#12

Thanks, and could you also provide a log from /var/log/letsencrypt corresponding to a time when the error occurred?


#13

And here it is. Very recent. ran it about an hour ago.

letsencrypt_log.txt (5.1 KB)


#14

Anything of use in the log?


#15

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.