GitLab on Ubuntu 20.04 SSL certificate renew

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. |, so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.


My ssl certificate expired yesterday and I am trying to renew it, but i am having trouble requesting the certificate using certbot.

I have created this directory: /var/www/letsencrypt

My domain is:

I ran this command: sudo certbot certonly --webroot --webroot-path=/var/www/letsencrypt -d

It produced this output: Timeout during connect (likely firewall problem)

My web server is (include version):

The operating system my web server runs on is (include version): Ubuntu Server 20.04 LTS 64bit

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 1.17.0

Thanks for your help

1 Like

Hi @mazzaAlessandro, and welcome to the LE community forum :slight_smile:

I'm sorry to see that your certificate has expired; the automated renewal process has failed us.

Please show the output of:
sudo nginx -T


Here's the output:
sudo: nginx: command not found

I miss something?

maybe I missed something...

Please show the output of:
sudo netstat -pant | grep -Ei 'nginx|apache|:80|:443'

sudo: netstat: command not found

I have to install something?

Are you copying that into the SSH connection?

Yes, i'm connected throught PuTTY and logged as root

OK. let's try something simpler...
ifconfig | grep -Ei 'add|inet'
hostname -I


hotname -I

return this :

ifconfig | grep -Ei 'add|inet'

Return this: Command 'ifconfig' not found, but can be installed with: apt install net-tools

OK, you are on the right system.

Let's try:
lsof -i | grep -E ':80|:443'

I see nginx listening on port 80.
Please try:
find / -name nginx


How was nginx installed?

During the GitLab installation

I'm not familiar with that...

/opt/gitlab/service/nginx -T
/var/opt/gitlab/nginx -T

Both returned 'Is a directory'

OK, try:
/opt/gitlab/embedded/sbin/nginx -T

If that fails, then show:
ps -ef | grep nginx


the first one fails, so the second one returned this:

That shows:

Try that again:
/opt/gitlab/embedded/sbin/nginx -T