Hi Osiris i am trying to get all 3 websites on https and by system status i am not exactly sure what you mean by this?
Here the result of the certbot certificats ;
Currently, your nginx serves the certificate with the name naos-soultrap.online for all domains, which is not what you want of course. You want to have nginx use the certificate with the name escapingthematrix.online.
Once you have all the server blocks correctly configured with the correct server_name directives, as suggested above, you could try to run certbot install --nginx --cert-name escapingthematrix.online to install the correct cert into the HTTPS blocks.
pierre@sortirdelamatrice:/etc/nginx/sites-available$ sudo certbot install --nginx --cert-name escapingthematrix.online
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator None, Installer nginx
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/sortirdelamatrice.online.conf
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/escapingthematrix.online.conf
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/naos-soultrap.online.conf
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/escapingthematrix.online.conf
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/naos-soultrap.online.conf
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/sortirdelamatrice.online.conf
nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80, ignored
Please choose whether or not to redirect HTTP traffic to HTTPS, removing HTTP access.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: No redirect - Make no further changes to the webserver configuration.
2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for
new sites, or if you're confident your site works on HTTPS. You can undo this
change by editing your web server's configuration.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/sortirdelamatrice.online.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/escapingthematrix.online.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/naos-soultrap.online.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/escapingthematrix.online.conf
Traffic on port 80 already redirecting to ssl in /etc/nginx/sites-enabled/naos-soultrap.online.conf
Redirecting all traffic on port 80 to ssl in /etc/nginx/sites-enabled/sortirdelamatrice.online.conf
nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80, ignored
OK guy's everything is now working all sites are now secured but i have just a remaining question, will the renewal be automatic or i will have to do it manually?
Thank to all of you i have learn a lot about certificates and now I'm a happy guy!
I cannot really mark any post as the solution since all of you guy's were part of the solution.
Depends on how you installed Certbot. Looking at the ancient version you're using probably using apt. And looking at the files the Ubuntu 20.04 package certbot installs (Ubuntu – File list of package certbot/focal/all), there should be a systemd timer setup to automatically renew.
It's always a good idea to run certbot renew --dry-run to test the renewal.
Hi Osiris, OK i will do a dry run and should i mind about the warning in the command result here?;
nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80, ignored
Thank again Mike, but after looking very carefully it doesn't seem i have any duplicate but i will look once more to be sure. All sites seem to be working fine so maybe this will not affect anything serious and a sudo nginx -t give a successful result.
Regards Peter
pierre@sortirdelamatrice:/etc/nginx/sites-available$ sudo nginx -T | grep naos
nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/sites-enabled/naos-soultrap.online.conf:
server_name naos-soultrap.online www.naos-soultrap.online;
root /home/pierre/public/naossoultrap;
if ($host = www.naos-soultrap.online) {
if ($host = naos-soultrap.online) {
server_name naos-soultrap.online www.naos-soultrap.online;
if ($host = naos-soultrap.online) {
server_name naos-soultrap.online www.naos-soultrap.online;
That output suggests that /etc/nginx/sites-enabled/naos-soultrap.online.conf contains more than what you've shown earlier. In your post a few posts up only a single if ($host = naos-soultrap.online) { with corresponding server_name is shown, but the nginx -T output shows it twice. So a duplicate. Although it could also be in a different configuration file without "naos" in it, as you're grepping on naos. So please check again without the grep part and see which file contains the duplicate server block.
pierre@sortirdelamatrice:/etc/nginx/sites-available$ sudo nginx -t
nginx: [warn] conflicting server name "naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name "www.naos-soultrap.online" on 0.0.0.0:80, ignored
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
The only configuration i have made and edit are the 3 server block that i have post in the upper section so i really don't get the naos-soultrap conflicting server name, i didn't put this server name anywhere else and i have verify all 3 server block after certbot modified them and there is no duplicate of that name there!
Strange, could this have happen when i reinstall the correct certificate since i really didn't touch it at all!
So just deleting this part should fix it right ?
server {
if ($host = naos-soultrap.online) {
return 301 https://$host$request_uri;
} # managed by Certbot