How to deploy an existing certificate into a new webserver

Help
6

@rg305 Almost there but not quite. I successfully used $certbot --nginx which porduced:

server {
    root /var/www/html/drupal;
    index  index.php index.html index.htm;
    server_name  www.rescuerobot.org

    client_max_body_size 100M;
    autoindex off;

    location ~ \..*/.*\.php$ {
        return 403;
    }

    location ~ ^/sites/.*/private/ {
        return 403;
    }

    # Block access to scripts in site files directory
    location ~ ^/sites/[^/]+/files/.*\.php$ {
        deny all;
    }

    location ~ (^|/)\. {
        return 403;
    }

    location / {
        try_files $uri /index.php?$query_string;
    }

    location @rewrite {
        rewrite ^/(.*)$ /index.php?q=$1;
    }

    # Don't allow direct access to PHP files in the vendor directory.
    location ~ /vendor/.*\.php$ {
        deny all;
        return 404;
    }

    location ~ '\.php$|^/update.php' {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.4-fpm.sock;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location ~ ^/sites/.*/files/styles/ { # For Drupal >= 7
        try_files $uri @rewrite;
    }
    location ~ ^(/[a-z\-]+)?/system/files/ { # For Drupal >= 7
        try_files $uri /index.php?$query_string;
    }

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/rescuerobot.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/rescuerobot.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

server {
    if ($host = www.rescuerobot.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;
    server_name  www.rescuerobot.org

    client_max_body_size 100M;
    return 404; # managed by Certbot


}

This works for https://rescuerobot.org https://www.rescuerobot.org and http://www.rescuerobot.org ** but not for http://rescuerobot.org ** My web-server is running: please check. I am not capable of debugging the above script but I think there is something not quite right in this its php code.
http://rescuerobot.org goes to a 404 error page whereas all of the others correctly end up at:

setup05092021d
setup05092021d814×802 106 KB

The deletion of the old certificate worked correctly as shown in:
Install-Drupal-9-08092021.txt (17.1 KB)
Many thanks for your help.
Kevin

1 Like