Need to add a new website to my current certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: redpillrepublic.online

I ran this command:

It produced this output:

My web server is (include version): Nginx

The operating system my web server runs on is (include version): Ubuntu 20.04

My hosting provider, if applicable, is: Hostinger

I can login to a root shell on my machine (yes or no, or I don't know): yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I use terminal

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): 0.40.0

Hi guys, hope everybody is doing well. 2 years ago you helped me to get a certificate for my websites and now I want to add another website, so how can I add the new website to the current certificate, please?

I want to specify that last year I came to ask why my certificate didn't auto renew because I had cancelled one of my website domains, "www.escapingthematrix.online", and someone here told me that I need to keep the domain name's .conf file in nginx sites-enabled because the certificate was made with it. Here is the link to that thread: Issues with renewal

Well, that was me who helped you with that but I did not suggest keeping an obsolete domain name active in nginx.

And, generally it is a better idea to have separate certificates for each domain name or set of closely related domain names (like the apex and a www subdomain).

You really should be using the snap install method for Certbot. V0.40.0 is nearly 6 years old and v4.1 is current. Follow these instructions closely: https://certbot.eff.org/

As for a cert for redpillrepublic you need to resolve the error below first. Why does your server send an HTTP 500 Internal Server error?

Your DNS may be set to a Hostinger service rather than the public IP for your nginx server. That's the first thing to check.

4 Likes

Hi Mike, nice to talk to you again. For the snap version, I don't remember what happened exactly but it almost screwed up my nginx installation, so that's why I was using the old certbot version.

And for the server error 500, it is probably because I have not yet included the redpillrepublic.online .conf in nginx sites-enabled, correct?

No, probably your IP is wrong like I described. You can see that a server identified as "hcdn" replies to HTTP requests to your domain. That is a default Hostinger service not your nginx.

But, once you have your DNS set correctly you should set up a server block in nginx for port 80.

Request to: redpillrepublic.online/84.32.84.32, Result: [Address=84.32.84.32,Address Type=IPv4,Server=hcdn,HTTP Status=500

That is not likely caused by the snap install. More likely is you ran some kind of command that was not correct for your configuration.

4 Likes

Maybe it's because the last time I did this was too long ago, but I am confused about the DNS setup. I currently have this in my Hostinger DNS settings: CNAME www priority 0 redpillrepublic.online ttl 300

That only sets the value for the www subdomain to be the same as your registered name. So, they both have the same value.

You should consult with Hostinger support about the correct DNS config. This might help:

4 Likes

Oh my, I have read the link you provided and even compared my other domains' DNS, and so far I have no clue what DNS settings I have to add! I knew I was going in for trouble since I did this 3 years ago, and at 62 my memory is not what it used to be.

Maybe I am also skipping some steps because I thought that I could get the certificate even if the mybb installation is not yet done on the nginx server.

EDIT: I just deleted the A record and made a new one that points to my VPS IP address; I think that is what was missing.

You could get a cert using a DNS Challenge before it is setup. But, your past threads used your nginx server and an HTTP Challenge. To satisfy this kind of challenge to get a cert you must have a working HTTP connection to nginx.

If mybb is new for you try their support forum. They probably have good instructions for initial setups. Maybe this is different than what you have done before. I don't know.

I was just pointing out common startup problems. You haven't described any specific thing you tried to get a cert or any error message. So far I haven't seen anything going wrong with Let's Encrypt to help you with. So far it has been DNS issues and mybb questions.

3 Likes

Yes, I know, Mike, and I am not blaming anybody. I just made a change that was supposed to be made for the new domain: deleting the A record and making a new one to point to my VPS IP address.

From this time on I will take some serious notes on each step required to add a new domain, since I don't do this on a regular basis.

OK, the debug test now says it's OK, so this was the correct setup. So should I first proceed to make the server block and install MYBB before getting the new certificate?

I don't know anything about MYBB. You could ask about that on the mybb forums.

But, yes, if you plan to use an HTTP challenge you should make a server block that listens on port 80 for this domain name.

You could look back at your past history, as much of what you ask now was covered then.

All prior activity: Profile - peter_vps - Let's Encrypt Community Support

2 Likes

Thanks, Mike, I will do this tomorrow since I don't feel too well tonight, and I will post back if something goes wrong.

Thanks for your patience and have a good evening.

Regards Peter

2 Likes

OK Mike, I am ready to add the new domain certificate, so I presume that the following command should be the good one: sudo certbot certonly --nginx --cert-name escapingthematrix.online -d sortirdelamatrice.online -d www.sortirdelamatrice.online -d naos-soultrap.online -d www.naos-soultrap.online -d redpillrepublic.online -d www.redpillrepublic.online

I don't recommend having unrelated domain names mixed on the same cert. It is harder to manage changes.

Get a new cert for redpill and its www subdomain . You wouldn't use the --cert-name option when making a new cert for just these two.

3 Likes

OK Mike, I will follow your advice, so the following command should be good, right? sudo certbot certonly --nginx --cert-name redpillrepublic.online -d www.redpillrepublic.online

No, based on my advice the command is:

sudo certbot certonly --nginx -d redpillrepublic.online -d www.redpillrepublic.online

OR ... as above but omit certonly

Using certonly is at your discretion. Using it means you only get a cert. You then have to create the server block for port 443 yourself.

Omitting certonly has Certbot creating a server block for port 443 based on what you have in the port 80 server block. It then, by default, sets up redirects from HTTP to HTTPS.

The certonly option isn't new. Just thought I'd refresh your memory 🙂

3 Likes

Roger that, so:

```
sudo certbot --nginx -d redpillrepublic.online -d www.redpillrepublic.online
```

I will do a dry run first.

The --nginx option without certonly does not support --dry-run. Odd but true.

You can do a dry-run with certonly and then run without once proven.

1 Like
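
The sequence worked out in this thread (DNS pointing at the VPS, nginx rather than the Hostinger default answering on port 80, a certonly dry run, then the real request), as an added shell example that is not part of the original posts. The function names, the IP 203.0.113.10 and the sample headers are constructed for illustration; the `hcdn` Server value is the one shown in the debug result earlier in the thread.

```shell
#!/bin/sh
# Added example: pre-flight checks before an HTTP-challenge request with the
# nginx plugin. Function names and sample data are constructed, not from the thread.

# Constructed sample response headers (hcdn value taken from the debug result).
SAMPLE_HCDN='HTTP/1.1 500 Internal Server Error
Server: hcdn
Content-Type: text/html'
SAMPLE_NGINX='HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html'

# True if the expected IP is one of the resolved A records (one per line).
a_record_matches() {            # $1 = resolver output, $2 = expected IP
    printf '%s\n' "$1" | grep -Fxq -- "$2"
}

# Print the value of the Server header from raw response headers.
server_header() {               # $1 = headers as returned by curl -sI
    printf '%s\n' "$1" | tr -d '\r' |
        awk -F': *' 'tolower($1) == "server" { print $2; exit }'
}

# Print ok / dns-mismatch / wrong-server; non-zero unless ok.
preflight_verdict() {           # $1 = A records, $2 = expected IP, $3 = headers
    a_record_matches "$1" "$2" || { echo "dns-mismatch"; return 1; }
    case "$(server_header "$3")" in
        nginx*) echo "ok" ;;
        *)      echo "wrong-server"; return 1 ;;
    esac
}

# Live run: check, rehearse with certonly (--dry-run needs it), then install.
request_cert() {                # $1 = apex domain, $2 = public IP of the VPS
    verdict=$(preflight_verdict "$(dig +short A "$1")" "$2" \
        "$(curl -sI "http://$1/")") || { echo "pre-flight: $verdict" >&2; return 1; }
    sudo certbot certonly --nginx --dry-run -d "$1" -d "www.$1" &&
        sudo certbot --nginx -d "$1" -d "www.$1"
}

# Only touch the network when called as: script DOMAIN EXPECTED_IP
if [ "$#" -eq 2 ]; then
    request_cert "$1" "$2"
fi
```

The Server-header check assumes nginx is reached directly, with no proxy or CDN in front of it that rewrites the header.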

OK, I will report if I was successful. Thanks a bunch, Mike.

1 Like

Result seems successful:

```
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.

1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.

Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/redpillrepublic.online.conf
Traffic on port 80 already redirecting to ssl in /etc/nginx/sites-enabled/redpillrepublic.online.conf
nginx: [warn] conflicting server name "redpillrepublic.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.redpillrepublic.online" on 0.0.0.0:80, ignored

Congratulations! You have successfully enabled https://redpillrepublic.online
and https://www.redpillrepublic.online

You should test your configuration at:

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/redpillrepublic.online/fullchain.pem
    Your key file has been saved at:
    /etc/letsencrypt/live/redpillrepublic.online/privkey.pem
    Your cert will expire on 2025-10-14. To obtain a new or tweaked
    version of this certificate in the future, simply run certbot again
    with the "certonly" option. To non-interactively renew all of
    your certificates, run "certbot renew"

  • If you like Certbot, please consider supporting our work by:

    Donating to ISRG / Let's Encrypt: Support Encryption for Everyone - Let's Encrypt
    Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
```