Certbot failed installation

Hello people, how are you :slight_smile:

I am a student, got myself free .tech domain, obtained free 1 year hosting on Google compute, connected my server to ServerPilot free plan, installed WordPress and uploaded some content.
It’s Code Playground, a project started as an open source.
after following instructions after few steps I got an error.
error was: NoInstallationError()
The nginx plugin is not working; there may be problems with your existing configuration.

Could someone please guide me through on how to get valid certificate using Certbot? Thank you

-My domain is: wwcd.tech
-I ran this command: I followed instructions on https://certbot.eff.org/
-It produced this output: Everything went ok untill I tried to install nginx plugin
-My web server is (include version): nginx over apache (serverpilot)
-The operating system my web server runs on is (include version): UBUNTU 16.04 LTS-
-My hosting provider, if applicable, is: Google cloud (compute vps)
-I can login to a root shell on my machine
-I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ServerPIlot

Based on some Google searches, ServerPilot may customize the location of nginx.

Perhaps try

--nginx-server-root "/etc/nginx-sp" 

and also if necessary

--nginx-ctl "/path/to/sbin/nginx"

I would also seriously consider reading the ServerPilot documentation about their existing Let’s Encrypt integration rather than trying to manually apply Certbot:


Thank you for so fast reply. I have read the Serverpilot guide, but I would really like to do this myself and learn something.
Their auto ssl is a paid feature, and I need this for educational purposes. If I pay for it I won’t learn a thing.
I found a script which works flawlessly, but still it is a script, which I didn’t wrote.
I would like to do it in official way, using Certbot. :slight_smile:
Thank you

@bredpit, @_az’s first suggestions are Certbot command-line options that you could provide when running Certbot on the command line (in order to deal with the NoInstallationError).

@schoen I found something interesting and gave it a try:
first I cloned the repo:
git clone https://github.com/certbot/certbot
this extracted stuff in a folder "certbot" so I navigate there with:
cd certbot
then I start with this:
./certbot-auto certonly --webroot --webroot-path /srv/users/serverpilot/apps/wwcd/public --renew-by-default --email ****@yahoo.com --text --agree-tos -d wwcd.tech

everything goes well, I get congrat message how all went well.
But my site goes down. Then I navigate to:
cd /etc/nginx-sp/vhosts.d
I edit my app

sudo nano wwcd.ssl.conf
and I put this into the file and save

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name wwcd.tech;
    ssl on;
    # letsencrypt certificates
    ssl_certificate      /etc/letsencrypt/live/wwcd/fullchain.pem;
    ssl_certificate_key  /etc/letsencrypt/live/wwcd/privkey.pem;
        #SSL Optimization
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:20m;
    ssl_session_tickets off;
        # modern configuration
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;
        # OCSP stapling 
        ssl_stapling on; 
        ssl_stapling_verify on; 
        # verify chain of trust of OCSP response 
        ssl_trusted_certificate /etc/letsencrypt/live/wwcd/chain.pem;
        #root directory and logfiles 
        root /srv/users/serverpilot/apps/wwcd/public; 
        #index files
        index index.php index.html index.htm;
        access_log /srv/users/serverpilot/log/wwcd/wwcd_nginx.access.log main; 
        error_log /srv/users/serverpilot/log/wwcd/wwcd_nginx.error.log; 
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-SSL on; 
        proxy_set_header X-Forwarded-Proto $scheme; 
        include /etc/nginx-sp/vhosts.d/wwcd.d/*.nonssl_conf; 
        include /etc/nginx-sp/vhosts.d/wwcd.d/*.conf; 

and everything goes down, I can't even restart nginx
Probably the paths are wrong, I need to check everything folder by folder file by file.

But the idea is right? Right?

For sure these paths are wrong.

Same issue.

Try nginx -t to test the config.

hey @_az , thanks for confirmation, the problem is I can’t use filezilla to browse these files as it doesn’t allow me to enter these files, says I don’t have permission, which is crazy.
I probably need to tweak sshd_config and allow PermitRootLogin and PasswordAuthentication to be able to check the correct paths. using console is a huge pain :slight_smile:

If you have root access on that server, you don't need PermitRootLogin at all, you can just use sudo, e.g. sudo ls /etc/letsencrypt/live.

@_az @schoen Hey guys, thank you for help.
I managed to do it.
I configured another server and I tried to do the same but this time without “certonly” part.
It went smooth, but at the end it told me that I need to use “certonly” part because I am using --webroot path

Anyway, I went back to the previous server, and I edited sshd_config the way I said, and I added a password for root with:
passwd root
Before I was using serverpilot’s account to login via sftp, but this time I used root and the password I just set.
Browsing through the folders went without any complications.

Then I was able to check all the correct paths, and finally I was able to edit the .conf file with corrected paths.

ssl works :)))

A question: will I be able to renew the certificates every 3 months with this code:
certbot-auto renew
is it futureproof? or do I need to update repository before running the renew script?

Also, how to add a cronjob to run the renew every x months or x days?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.