I successfully installed Let’s Encrypt at Envesti.com and RichardGengel.com. But when installing at BeLikeBrit.org, Google Chrome and many other browsers do not trust it. Really not to sure what to do, have been researching for hours. Will add more information below:
server {
listen 443 ssl;
root /var/www/belikebrit.org/public_html;
index index.html index.htm index.php;
server_name belikebrit.org www.belikebrit.org;
ssl_certificate /etc/letsencrypt/live/belikebrit.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/belikebrit.org/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers ‘EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH’;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
location / {
try_files $uri $uri/ /index.html;
rewrite ^/([A-Za-z0-9-]+)/$ index.php?page=$1 last;
rewrite ^/([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/$ index.php?page=$1&title=$2 last;
rewrite ^/([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/([A-Za-z0-9-]+)/$ index.php?page=$1&title=$2&hash=$3 last;
}
location ~ /.well-known {
allow all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on the php-fpm socket
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_read_timeout 360;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
location /core {
auth_basic "Admin Login";
auth_basic_user_file /etc/nginx/pma_pass;
}
location /timoun {
proxy_pass http://localhost:1337;
}
}
server {
listen 80;
listen [::]:80;
server_name belikebrit.org;
rewrite ^/(.*) https://belikebrit.org./$1 permanent;
}