Nginx certificate instalation fail (Funny history)

OK, this is my history... I manage to made a complete installation of certs in my domain, but when I am logged throw web browsing I had an error (now I know it was because I had a bad naimng on my DNS server, but I thank was because something with certs).

When I was desperate I delete the file of my domain in sites-available (nginx server), remade it using default template and relaunching certbot enhance command. When I realice that my problem was on DNS I tried to make all the process again.

Because I use default template, I don’t have installed any certs to use when someone access throw IPv6, and I don’t know where can I find the correct old ones. (. pam files). I try using again command catboat enhance --nginx, but give me an error, more details bellow

I hope someone can help me: sweat_smile:: sob:

Edit: I dont know if that matters but when I access to my website i get SSL_ERROR_BAD_CERT_DOMAIN

#More Details
My domain is:

I ran this command: sudo certbot enhance --nginx

It produced this output:

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Please specify one or more enhancement types to configure. To list the available enhancement types, run:

/snap/certbot/1042/bin/certbot --help enhance

No enhancements requested, exiting.

My web server is (include version): Nginx 1.18.0

The operating system my web server runs on is (include version): Ubuntu 20.04

I can login to a root shell on my machine: yes

I'm using only terminal

The version of my client is certbot 1.13.0

1 Like

I have a little trouble understanding everything you're saying, but if I understand you correctly, you've "reset" your nginx configuration and you'd like to install a current certificate with aid of certbot, correct? I.e., you only have HTTP configured in nginx and would like certbot to make it HTTPS?

If so, the enhance option is not what you want. If you run certbot --help enhance, it says:

Helps to harden the TLS configuration by adding security enhancements to already existing configuration.

With these "security enhancements" the cerbot team means enhancements to an already existing HTTPS site, not the generation of such a HTTPS configuration itself.

You'd probably want to use the certbot install --nginx option.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.