Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: mail.jv80.se
I ran this command:
certbot certonly --webroot -w /var/www/html -d mail.jv80.se
My web server is (include version):
nginx 1.8
The operating system my web server runs on is (include version):
Ubuntu 22.04
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know):
yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
1.21.1
I have used this command without a problem many times on this mail server. I normally get certs for 7 domains using one name. But this time when I added the new domain I got this error on all domains. Error getting application data. Nothing has changed on the server and I have tested that port 80 is open
Well the whole string is sudo certbot certonly --webroot --agree-tos -d mail.mxmail.pro,mail.mxmail.se,webmail.mxmail.se,mail.ktimatheophanous.com.cy,mail.pissouri.org,mail.mediasafe.pro,mail.jv80.se --cert-name mail.mxmail.pro --email anders@mxmail.pro -w /var/www/html
If I take away mail.jv80.se from the string it works. All domains are on the same mail server
And if I ping it it responds
That still points to you needing to fix the webserver that needs to respond to the HTTP-01 challenge for mail.jv80.se. Do you have a virtual host configured for that name?
If you expect to obtain a certificate for mail.jv80.se using an HTTP-01 challenge you are going to need a functioning VirtualHost for that name in your nginx configuration.
In my nginx config. The emailserver has been running for a year with 6 domains and renewed certs without problem. Nothing has changed. So I dont understand what has happened
Without any additional context, that message is not terribly useful. I've got nothing else for you at the moment. Hang tight and see if another volunteer has anything else for you.
You do not have a server block for mail.jv80.se listening on port 80.
So, nginx would use the default for that domain name. In your config it is the first server block for port 80 which is this one
# configuration file /etc/nginx/sites-enabled/00-default.conf:
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTP
server {
listen 80;
server_name _;
}
Note there is no root folder specified. In which case nginx uses its default of html. Which of course is not what you told Certbot and is probably not a valid folder on your system.
So, that explains why this does not work.
Fixing it is a different problem. Your nginx config is confusing.
I am not sure what you are trying to achieve in this config. You have a config file named for mail.mediasafe.pro (and for mail.jv80.se) but the server_names in those config files are not that domain name (it is the apex name instead). The name of the file does not have to match the server_name but it looks like you intended to match them and never did.
This server block won't be used for mail.mediasafe.pro requests (your default server block above will be).
# configuration file /etc/nginx/sites-enabled/mail.mediasafe.pro.conf:
# HTTP
server {
# Listen on ipv4
listen 80;
#listen [::]:80;
server_name mediasafe.pro;
# Redirect all insecure http:// requests to https://
return 301 https://$host$request_uri;
}
If you do not know how to proceed I maybe could walk you through fixing it. But, I don't know that I'll have that much time. I would need to see output of this too