Fantastic!! and what a fast response!! I am amazed.
@rg305, you are a life saver!! the instructions in the link you sent worked a charm! This time the challenges worked fine. (To be honest i actually tried these instructions at the start but that time the public internet access was not provided. i later forgot about this link and kept trying other options when we got the public internet access for the VM).
However, the test for ssl still fails when i test thru this: https://www.ssllabs.com/ssltest/index.html
That's probably bcos of my horrible nginx config.
It would be great if you can share links for correctly configuring nginx (I find the terminology not quite clear on pem/cert/key/bundle etc.)
This is how the config was when i issued the certbot command.
server {
listen 443;
server_name tdmworld.net www.tdmworld.net;
location / {
proxy_pass http://127.0.0.1:5000;
}
}
I think i should include somes lines on ssl, but not sure of the right way to do it.
I also notice some error msgs at the time of certs issued:
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: tdmworld.net
2: www.tdmworld.net
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1,2
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for tdmworld.net
http-01 challenge for www.tdmworld.net
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
Waiting for verification...
Cleaning up challenges
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
Deploying Certificate to VirtualHost /etc/nginx/conf.d/virtual.conf
Deploying Certificate to VirtualHost /etc/nginx/conf.d/virtual.conf
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directiv e in /etc/nginx/conf.d/virtual.conf:1
Rolling back to previous server configuration...
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "tdmworld.net" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.tdmworld.net" on 0.0.0.0:80, ignored
nginx restart failed:
b''
b''
IMPORTANT NOTES:
- We were unable to install your certificate, however, we
successfully restored your server to its prior configuration.
- Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/tdmworld.net/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/tdmworld.net/privkey.pem
Your cert will expire on 2021-01-10. To obtain a new or tweaked
version of this certificate in the future, simply run certbot again
with the "certonly" option. To non-interactively renew *all* of
your certificates, run "certbot renew"