Hi,
Last point first, I was waiting to check I had the right to edit and I assume I had and will change it then try "certbot renew" and see if it renews for the correct period.
I will make a copt of the file and try the changes you think I should have in the file.
FWIW the original quick install for Ubuntu 20.04 had a script to install the certs which I used and have not changed anything except done updates so I am not sure if the script did these lines or an update changed the config file!
Hi,
I have changed the configuration to use the "fullchain.pem" and I have now renewed via "certbot renew" but am not sure why the wrong cert was set as I co not remember manually altering it.
Thanks
Before changing the "server" config from "return 404 to 301" could someone explain what the difference does, I am not very competent with scripts but is this just concerning error reporting?
A 404 is a "Not Found" response to a request. You can leave that if you wish but as you have it coded it only returns a 404 for a request with that exact URI. Such a request is not valid so a 404 is ok. But, nginx would return 404 anyway so it is not needed.
The 301 is a redirect. You should redirect HTTP requests to HTTPS but you had that commented out. Which is fine before you have any certs but now that you do you should redirect. The first location for the acme-challenge folder will cause the challenge to be handled in this HTTP server block. All other requests will be redirected to HTTPS. That's a common config.
Mind, this is all standard nginx coding. You should review nginx docs (here) so you can become familiar with this server you will be administering.
As i don't know hoe/when the lines were commented out, could it nave been possible that it was done by certbot when it could not renew or is that not possible!?
I don't believe certbot does that and I've never seen it do that. It can add a redirect depending on how you requested the cert. But, it also places comments on lines it inserts.