NginX config with Jessie

New user here. I’m having a problem getting a response from my server when I enable SSL. I downloaded and installed certbot-auto, which completes successfully. So perhaps there is a problem with my NGINX config im not entirely sure.

My domain is:

My web server is (include version): NginX, Debian 8 (Raspberry Pi)

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

Here are my NginX configuration settings:
server {

        # SSL configuration
        # listen 443 ssl default_server;
        # listen [::]:443 ssl default_server;
        # Self signed certs generated by the ssl-cert package
        # Don't use them in a production server!
        # include snippets/snakeoil.conf;

        root /var/www/dokuwiki;

        # Add index.php to the list if you are using PHP
        index index.php index.html index.htm index.nginx-debian.html;


        # Max upload size
        client_max_body_size 25M;

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ @dokuwiki;

        location ~ /(data|conf|bin|inc)/ {
            deny all;
        # tidy URIs
        location @dokuwiki {
        rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
        rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
        rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
        rewrite ^/(?!lib/)(.*) /doku.php?id=$1&$args last;

        # pass the PHP scripts to FastCGI server listening on
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
        #       # With php5-cgi alone:
        #       fastcgi_pass;
                # With php5-fpm:
                fastcgi_pass unix:/var/run/php5-fpm.sock;

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        location ~ /\.ht {
                deny all;

        listen 80; # managed by Certbot

        listen 443 ssl; # managed by Certbot
        ssl_certificate /etc/letsencrypt/live/; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/; # managed by Certbot
        include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
        ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


Hi @whatevermike

there are problems. But what's your problem?



have different ip addresses. has a certificate with one name - so it's wrong. doesn't answer.

1 Like

Thank you @JuergenAuer

I resolved my problem by changing the server name to

My issue was related to my use of duckdns forwarding. I’m using a dynamic address so I am making use of their service to keep my domain pointed to the same server ip. I’m not sure if I can use duckdns service with an apex domain so I forgot the www. was required.

Once more thank you for your help.

1 Like

You can use it. But:

works now, with a correct certificate.

doesn't work, because the certificate has only as domain name.

So create one certificate with two domain names:

Then you can use both domain names.

Wow: Now you have the complete solution:


One certificate, three domain names, three domains with the same certificate.

Absolutely yeah :smile:

Learning a lot as I do this, after your suggestion I read more about multi-domain certificates as I was wondering about potential drawbacks. However it seems a very robust solution.

I still have a small issue of my server failing to respond when I visit the apex address with https ( I think it’s not a certificate problem so I will test my brain and read more docs to find the solution.

1 Like

One thing is bad. 302 0.387 D 301 https://_/ 0.336 D
https://_/ -1 2.343 U

Your first redirect isn’t perfect, but ok. But your redirects to https://_/ - which isn’t a valide domain name.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.