Nginx: [emerg] "ssl_certificate" directive is duplicate in /etc/nginx/sites-enabled/00-default-ssl.conf

Hello everyone. First of all I would like to say thank you for everything that you guys are doing. I found a similar topic like mine but it didn’t work for me so here we are.

I’m running Debian 9.0 x64 with nginx.

While I’m trying to use certbot --nginx, I’m getting the following output:

Select the appropriate number [1-2] then [enter] (press ‘c’ to cancel): 1
Keeping the existing certificate
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/00-default-ssl.conf
nginx: [emerg] “ssl_certificate” directive is duplicate in /etc/nginx/sites-enabled/00-default-ssl.conf:25
Rolling back to previous server configuration…
nginx restart failed:

My /etc/nginx/sites-enabled/00-default-ssl.conf:

server {
listen 443 ssl;
listen [::]:443 ssl ipv6only=on;


root /var/www/hog;
index index.php index.html;

include /etc/nginx/templates/misc.tmpl;
include /etc/nginx/templates/ssl.tmpl;
include /etc/nginx/templates/iredadmin.tmpl;
include /etc/nginx/templates/roundcube.tmpl;
include /etc/nginx/templates/sogo.tmpl;
include /etc/nginx/templates/netdata.tmpl;
include /etc/nginx/templates/php-catchall.tmpl;
include /etc/nginx/templates/stub_status.tmpl;

server {
listen 80;
listen [::]:80;
return 301$request_uri;

Running nginx -t:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

certbot --version -  certbot 0.28.0

To be honest I don’t want to reinstall everything to get this problem fixed. Is there any solution to get this fixed?

Thanks in advance!!!

1 Like

Please show this file:


Here’s the /etc/nginx/templates/ssl.tmpl

ssl_protocols TLSv1.2;

# Fix 'The Logjam Attack'.
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/dh2048_param.pem;

# To use your own ssl cert (e.g. "Let's Encrypt"), please create symbol link to
# ssl cert/key used below, so that we can manage this config file with Ansible.
# For example:
# rm -f /etc/ssl/private/iRedMail.key
# rm -f /etc/ssl/certs/iRedMail.crt
# ln -s /etc/letsencrypt/live/<domain>/privkey.pem /etc/ssl/private/iRedMail.key
# ln -s /etc/letsencrypt/live/<domain>/fullchain.pem /etc/ssl/certs/iRedMail.crt
# To request free "Let's Encrypt" cert, please check our tutorial:
ssl_certificate /etc/ssl/certs/iRedMail.crt;
ssl_certificate_key /etc/ssl/private/iRedMail.key;
1 Like

I think you can comment out this entire line.

There is something really strange going on, nginx should not complain about a duplicate ssl_certificate directive, what nginx version are you running?

also, check if there’s another one somewhere: grep -r ssl_certificate /etc/nginx

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.