Nginx restart failed: while issuing certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: 346.kublickas.com

I ran this command: sudo certbot --nginx -d 346.kublickas.com -d www.346.kublickas.com -v

It produced this output:

nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/letsencrypt/le_http_01_cert_challenge.conf:1
Encountered exception:
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 1119, in perform
    self.restart()
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 916, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 1188, in nginx_restart
    "nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
MisconfigurationError: nginx restart failed:



Calling registered functions
Cleaning up challenges
Exiting abnormally:
Traceback (most recent call last):
  File "/bin/certbot", line 9, in <module>
    load_entry_point('certbot==1.3.0', 'console_scripts', 'certbot')()
  File "/usr/lib/python2.7/site-packages/certbot/main.py", line 15, in main
    return internal_main.main(cli_args)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1347, in main
    return config.func(config, plugins)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 1101, in run
    certname, lineage)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/main.py", line 121, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 410, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 344, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/client.py", line 391, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/usr/lib/python2.7/site-packages/certbot/_internal/auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 1119, in perform
    self.restart()
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 916, in restart
    nginx_restart(self.conf('ctl'), self.nginx_conf)
  File "/usr/lib/python2.7/site-packages/certbot_nginx/_internal/configurator.py", line 1188, in nginx_restart
    "nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
MisconfigurationError: nginx restart failed:


nginx restart failed:

My web server is (include version):

The operating system my web server runs on is (include version): CentOS 7

My hosting provider, if applicable, is: Self-hosted

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): certbot 1.3.0

1 Like

Does the /etc/letsencrypt/le_http_01_cert_challenge.conf file still exist? Can you post it?

Is there more information about the configuration in /var/log/letsencrypt/letsencrypt.log?

Can you post the Nginx virtual host(s) for those hostnames?

1 Like

@mnordhoff Thank you for replying.
The /etc/letsencrypt/le_http_01_cert_challenge.conf config file no longer exists.
The letsencrypt.log contained no additional information.
Setting the port from 80 to 443 in /etc/nginx/nginx.conf seems to have solved the problem.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.