How do get a certificate for a redirect site?

My domain is:
ekaya.co

I ran this command:
./certbot-auto certonly --webroot -w /srv/rental/public -d s.ekaya.co

It produced this output:
Failed authorization procedure. ekaya.co (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://ekaya.co/.well-known/acme-challenge/tC3dZV2QWM4Vsf3BsLKeOCNh14kjoupxP8gJ0lR9oOA: "<!doctype html>

My operating system is (include version):
Debian Wheezy

My web server is (include version):
Nginx

I can login to a root shell on my machine (yes or no, or I don’t know):
Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No.

Certbot works fine running against our main domain name, e.g.:
./certbot-auto certonly --webroot -w /srv/rental/public -d ekaya.com

But when I try get a certificate for our alternative domain, ekaya.co, it gives the error shown above. How do I get it to work, given that we have this nginx config file redirecting requests from ekaya.co to ekaya.com ?

force http calls to https

server {
server_name ekaya.co;

listen 80;
listen 443;

location = / {
    # Check if a file exists, or route it to index.php.
    rewrite ^ http://www.ekaya.co last;
}

location ~* (/.*) {
    rewrite ^ https://eboard.io$request_uri? last;
}

}

redirect ekaya.co correctly

server {
server_name agent.ekaya.co;

listen 80;
listen 443;

location ~* (/.*) {
    rewrite ^ https://agent.eboard.io$request_uri? permanent;
}

}

redirect s.ekaya.co correctly

server {
server_name s.ekaya.co;

listen 80;
listen 443;

location ~* (/.*) {
    rewrite ^ https://s.eboard.io$request_uri? permanent;
}

}

It should just follow the redirects and work OK, however there does look something odd (or is it just your copy / paste ) in that you use the command

./certbot-auto certonly --webroot -w /srv/rental/public -d s.ekaya.co

yet the error is

Invalid response from http://ekaya.co/.well-known/....

so one is the subdomain and the other the domain !!!

Sorry, yes, s. is a forum typo, I was using the correct domain on my actual server. That’s not what is causing the error.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.