Domain shows "Can't be reached" after running sudo certbot --nginx

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command: sudo certbot --nginx

It produced this output:
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/
Key is saved at: /etc/letsencrypt/live/
This certificate expires on 2022-05-03.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in t he background.

Deploying certificate
Successfully deployed certificate for to /etc/nginx/conf.d/frapp e-bench.conf
Congratulations! You have successfully enabled HTTPS on

My web server is (include version): nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu 20.04.3 LTS

My hosting provider, if applicable, is: Digital Ocean

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0

curl -Ii
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 03 Feb 2022 06:25:44 GMT
Connection: keep-alive
X-Served-By: Namecheap URL Forward

NameCheap URL forward?

1 Like

Is that not supposed to be there?
This is how my DNS is configured currently. I'm a bit new to this so I admit I might have made a mistake.

Any help would be appreciated.

I can't be certain, but it is suspicious.
Try removing the "URL Redirect Record" line.

1 Like

Just did this.

I also noticed as I was checking through nginx that the /etc/nginx/sites-enabled directory is empty, is that normal?

Not from my experience, but I have no idea how the server was setup.

1 Like

Currently, your nginx is returing a 500 internal server error on HTTP. And I'm getting a "connection refused" on port 443 (HTTPS).

This means, I think, two things:

First: your nginx configuration seems to be messed up;
Second: your nginx doesn't listen on HTTPS port 443.

1 Like

I didn't change anything about nginx itself. So it must have the default settings.

Just fixed the internal server error.

For the configuration, I ran nginx -t and it shows

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Don't know if that helps. Also how can I check if it is listening on port 443?

I also just ran certbot --nginx again and I get.

Could not automatically find a matching server block for Set the server_name directive to use the Nginx installer.

You have a choice to make. Do you want nginx to serve this site and this site only, or do you want to serve something else as well, on a different subdomain for example?

In the first case, you can probably edit nginx.conf directly. (I don't know if certbot can see that but you can always install your certificate manually... ehm, no, It's not something easier than this.)

The second case is easier. Make a /etc/nginx/sites-available/ file with this contents:

server {
  listen 80;
  listen [::]:80;

  # and the stuff needed to run your website: 
  #   - do you need php?
  #   - a webroot different fron the default one?

Then run

ln -s /etc/nginx/sites-available/ /etc/nginx/sites-enabled/ && service nginx reload

This should be enough to let certbot work and stop complaining.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.