Error trying to dry run renew cert


#1

I was testing the certbot renew --dry-run command to see if I would be find to just put the command in a cron record, however it indicates it had a problem restarting NGINX

Cleaning up challenges
Attempting to renew cert from /etc/letsencrypt/renewal/tarasis.net.conf produced an unexpected error: nginx restart failed:

2016/07/19 22:14:44 [emerg] 24709#24709: a duplicate default server for 0.0.0.0:443 in /etc/nginx/sites-enabled/tarasis.net:5
. Skipping.
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates below have not been saved.)

All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/tarasis.net/fullchain.pem (failure)
** DRY RUN: simulating ‘certbot renew’ close to cert expiry
** (The test certificates above have not been saved.)
1 renew failure(s), 0 parse failure(s)

My nginx file works okay, and I can restart it manually without issue.

nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

From the domain file

listen 80 default_server;
listen [::]:80 ipv6only=on default_server;

listen 443 ssl default_server;
listen [::]:443 ipv6only=on ssl default_server;

Commenting out the two ipv6 lines makes no difference.

No other file in the sites_available or sites_enabled directory uses default_server

find . | xargs grep default
./tarasis.net: listen 80 default_server;
./tarasis.net: #listen [::]:80 ipv6only=on default_server;
./tarasis.net: listen 443 ssl default_server;
./tarasis.net: #listen [::]:443 ipv6only=on ssl default_server;

Does anyone have any thoughts?


#2

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.