Hi, I am running multiple domains on the same server, all handled by nginx. Some are PHP/WordPress, some are Ruby on Rails.
All domains are getting the same problem. I am redirecting from http to https with this code:
server {
    listen 80;## default_server;
    server_name campscouts.com www.campscouts.com;
    return 301 https://www.campscouts.com$request_uri;
    error_page 500 502 503 504 /50x.html;
}
This might be the problem.
You should have a root block in the config, why do you add another one under well-known?
(This is the issue! Seems you override your location of ./well-known to your root, which is /var/www/html/wordpress/campscouts/. You should remove root /var/www/html/wordpress/campscouts/; in this location block.
Refer to : Pitfalls and Common Mistakes | NGINX)
This is what I have for well-known:
location ~ /.well-known {
    allow all;
}
P.S.
This might not be the problem, but i just want to show a (maybe better) config for redirecting from 80 to 443.
server {
    # Listen 80
    listen 80;
    # Listen 80, IPv6 (remove this if you don't have it)
    listen [::]:80;
    # Your domain
    server_name campscouts.com www.campscouts.com;
    # Tell users to go to SSL version this time
    if ($ssl_protocol = "") {
        rewrite ^ https://$server_name$request_uri? permanent;
    }
}
Also, --post-hook "service nginx start": you should not use it because you have not stopped nginx previously. I recommend using --renew-hook "service nginx reload".
Note: I don't know what certbot you are using, but the --renew-hook parameter has changed to --deploy-hook. I explicitly used --renew-hook because it will work on old and new versions.
Regarding your validation issue, could you please share the server block for domain campscouts.com on port 443?
Anyway, you can remove the return directive on your server block, validate your domain, get the cert and then create the right conf to serve your domain on port 443 and put back the return directive.
Thank you.
/somepathhere refers to a path within a rails-application. I am issuing a few certificates (5 domains) with the command, but all are failing. That's basically a 'shared' directory.
If you use /somepathhere in certbot command then your nginx root should point there, I think it will be easier if you use the second option I posted above:
Where are you getting those errors? Did you finally issue your certificate? Keep in mind that you need to add a server block for your domain listening on port 443 ssl, with the right SSL directives pointing to your certificate, etc.
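
One way to keep the HTTP-to-HTTPS redirect and still answer the ACME HTTP-01 challenge on port 80, so the return directive does not have to be removed and put back for each issuance. This is an added example, not a configuration posted by anyone in the thread; the shared webroot /var/www/letsencrypt is an assumed path, and the certbot command in the comment must use the same one.

```nginx
server {
    listen 80;
    listen [::]:80;
    server_name campscouts.com www.campscouts.com;

    # Serve ACME HTTP-01 challenge files directly over plain HTTP.
    # "^~" makes this prefix match final, so no regex location can take over.
    # Only the acme-challenge subdirectory is exposed, not all of /.well-known.
    # /var/www/letsencrypt is an assumed directory shared by every domain on
    # the server; give certbot the same path, for example:
    #   certbot certonly --webroot -w /var/www/letsencrypt \
    #       -d campscouts.com -d www.campscouts.com
    location ^~ /.well-known/acme-challenge/ {
        root /var/www/letsencrypt;
        default_type text/plain;
        try_files $uri =404;
    }

    # Everything else is redirected to HTTPS. The return sits inside a
    # location instead of at server level, so it no longer runs before
    # the challenge location is selected.
    location / {
        return 301 https://www.campscouts.com$request_uri;
    }
}
```

The same two location blocks can be repeated in the port 80 server block of each of the other domains, since the challenge directory does not depend on the application root.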