Nginx serving the wrong cert

Yeah all good there.

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

The cert is definitely different to the www.kingsy.co.uk one too.

Certificate Name: dev.kingsy.co.uk
Serial Number: 45204f3cfeb496a8af45a1c14617dcf3b6f
Domains: dev.kingsy.co.uk
Expiry Date: 2021-04-14 13:16:14+00:00 (VALID: 89 days)
Certificate Path: /etc/letsencrypt/live/dev.kingsy.co.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/dev.kingsy.co.uk/privkey.pem

Certificate Name: www.kingsy.co.uk
Serial Number: 37402c3d8c30c2bf7f737a34f678cb4474e
Domains: www.kingsy.co.uk
Expiry Date: 2021-02-14 09:18:49+00:00 (VALID: 30 days)
Certificate Path: /etc/letsencrypt/live/www.kingsy.co.uk/fullchain.pem
Private Key Path: /etc/letsencrypt/live/www.kingsy.co.uk/privkey.pem

I am totally stumped

1 Like

Please read my reply correct.

1 Like

Please show the full configuration:
nginx -T

1 Like

Sorry for the delay. Here we go

# configuration file /etc/nginx/nginx.conf:
user  www;
worker_processes  1;

worker_rlimit_nofile 1024;
events {
    worker_connections  800;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    keepalive_timeout  65;
    gzip  on;
    server_tokens off;

    include /etc/nginx/sites-enabled/*;
}


# configuration file /etc/nginx/mime.types:

types {
    text/html                                        html htm shtml;
    text/css                                         css;
    text/xml                                         xml;
    image/gif                                        gif;
    image/jpeg                                       jpeg jpg;
    application/javascript                           js;
    application/atom+xml                             atom;
    application/rss+xml                              rss;

    text/mathml                                      mml;
    text/plain                                       txt;
    text/vnd.sun.j2me.app-descriptor                 jad;
    text/vnd.wap.wml                                 wml;
    text/x-component                                 htc;

    image/png                                        png;
    image/svg+xml                                    svg svgz;
    image/tiff                                       tif tiff;
    image/vnd.wap.wbmp                               wbmp;
    image/webp                                       webp;
    image/x-icon                                     ico;
    image/x-jng                                      jng;
    image/x-ms-bmp                                   bmp;

    font/woff                                        woff;
    font/woff2                                       woff2;

    application/java-archive                         jar war ear;
    application/json                                 json;
    application/mac-binhex40                         hqx;
    application/msword                               doc;
    application/pdf                                  pdf;
    application/postscript                           ps eps ai;
    application/rtf                                  rtf;
    application/vnd.apple.mpegurl                    m3u8;
    application/vnd.google-earth.kml+xml             kml;
    application/vnd.google-earth.kmz                 kmz;
    application/vnd.ms-excel                         xls;
    application/vnd.ms-fontobject                    eot;
    application/vnd.ms-powerpoint                    ppt;
    application/vnd.oasis.opendocument.chart                 odc;
    application/vnd.oasis.opendocument.chart-template        otc;
    application/vnd.oasis.opendocument.database              odb;
    application/vnd.oasis.opendocument.formula               odf;
    application/vnd.oasis.opendocument.formula-template      otf;
    application/vnd.oasis.opendocument.image                 odi;
    application/vnd.oasis.opendocument.image-template        oti;
    application/vnd.oasis.opendocument.graphics      odg;
    application/vnd.oasis.opendocument.graphics-template     otg;
    application/vnd.oasis.opendocument.presentation  odp;
    application/vnd.oasis.opendocument.presentation-template otp;
    application/vnd.oasis.opendocument.spreadsheet   ods;
    application/vnd.oasis.opendocument.spreadsheet-template  ots;
    application/vnd.oasis.opendocument.text          odt;
    application/vnd.oasis.opendocument.text-master           odm;
    application/vnd.oasis.opendocument.text-template         ott;
    application/vnd.oasis.opendocument.text-web              oth;
    application/vnd.wap.wmlc                         wmlc;
    application/x-7z-compressed                      7z;
    application/x-cocoa                              cco;
    application/x-java-archive-diff                  jardiff;
    application/x-java-jnlp-file                     jnlp;
    application/x-makeself                           run;
    application/x-ns-proxy-autoconfig                pac;
    application/x-perl                               pl pm;
    application/x-pilot                              prc pdb;
    application/x-rar-compressed                     rar;
    application/x-redhat-package-manager             rpm;
    application/x-sea                                sea;
    application/x-shockwave-flash                    swf;
    application/x-stuffit                            sit;
    application/x-tcl                                tcl tk;
    application/x-x509-ca-cert                       der pem crt;
    application/x-xpinstall                          xpi;
    application/xhtml+xml                            xhtml;
    application/zip                                  zip;

    application/octet-stream                         bin exe dll;
    application/octet-stream                         deb;
    application/octet-stream                         dmg;
    application/octet-stream                         iso img;
    application/octet-stream                         msi msp msm;

    audio/basic                           au snd;
    audio/midi                                       mid midi kar;
    audio/mpeg                                       mp3;
    audio/ogg                                        ogg;
    audio/x-m4a                                      m4a;
    audio/x-realaudio                                ra;

    video/3gpp                                       3gpp 3gp;
    video/mp2t                                       ts;
    video/mp4                                        mp4;
    video/mpeg                                       mpeg mpg;
    video/quicktime                                  mov;
    video/webm                                       webm;
    video/x-flv                                      flv;
    video/x-m4v                                      m4v;
    video/x-mng                                      mng;
    video/x-ms-asf                                   asx asf;
    video/x-ms-wmv                                   wmv;
    video/x-msvideo                                  avi;
}

# configuration file /etc/nginx/sites-enabled/budget-waste.co.uk:
server {
    listen 80;
    listen [::]:80;
    return 404;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    ssl_certificate /etc/letsencrypt/live/budget-waste.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/budget-waste.co.uk/privkey.pem;
    return 404;
}

server {
    listen 80;
    listen [::]:80;
    server_name budget-waste.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name budget-waste.co.uk;
    root /var/www/sites/budget-waste.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/budget_waste_nginx_error.log;
    access_log  /var/log/nginx/budget_waste_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/budget-waste.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/budget-waste.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/fastcgi_params:

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# configuration file /etc/nginx/sites-enabled/budgetaggregates.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name budgetaggregates.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name budgetaggregates.co.uk;
    root /var/www/sites/budgetaggregates.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/budgetaggregates_nginx_error.log;
    access_log  /var/log/nginx/budgetaggregates_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/budgetaggregates.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/budgetaggregates.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/budgettopsoil.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name budgettopsoil.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name budgettopsoil.co.uk;
    root /var/www/sites/budgettopsoil.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/budgettopsoil_nginx_error.log;
    access_log  /var/log/nginx/budgettopsoil_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/budgettopsoil.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/budgettopsoil.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/dev.kingsy.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name dev.kingsy.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name dev.kingsy.co.uk;
    root /var/www/sites/dev.kingsy.co.uk;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/dev_nginx_error.log;
    access_log  /var/log/nginx/dev_nginx_access.log;
    index index.php

    ssl_certificate /etc/letsencrypt/live/dev.kingsy.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.kingsy.co.uk/privkey.pem;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
      auth_basic "Administrator’s Area";
      auth_basic_user_file /etc/nginx/.htpasswd;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/durhamskipservices.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name durhamskipservices.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name durhamskipservices.co.uk;
    root /var/www/sites/durhamskipservices.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/durhamskipservices.co.uk_nginx_error.log;
    access_log  /var/log/nginx/durhamskipservices.co.uk_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/durhamskipservices.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/durhamskipservices.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/edinburghskipservices.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name edinburghskipservices.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name edinburghskipservices.co.uk;
    root /var/www/sites/edinburghskipservices.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/edinburghskipservices.co.uk_nginx_error.log;
    access_log  /var/log/nginx/edinburghskipservices.co.uk_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/edinburghskipservices.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/edinburghskipservices.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/expresswastesolutions.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name expresswastesolutions.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name expresswastesolutions.co.uk;
    root /var/www/sites/expresswastesolutions.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/expresswastesolutions.co.uk_nginx_error.log;
    access_log  /var/log/nginx/expresswastesolutions.co.uk_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/expresswastesolutions.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/expresswastesolutions.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/greenfieldtopsoil.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name greenfieldtopsoil.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name greenfieldtopsoil.co.uk;
    root /var/www/sites/greenfieldtopsoil.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/greenfieldtopsoil.co.uk_nginx_error.log;
    access_log  /var/log/nginx/greenfieldtopsoil.co.uk_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/greenfieldtopsoil.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/greenfieldtopsoil.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/hls-uk.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name hls-uk.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name hls-uk.co.uk;
    root /var/www/sites/hls-uk.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/hls-uk.co.uk_nginx_error.log;
    access_log  /var/log/nginx/hls-uk.co.uk_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/hls-uk.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/hls-uk.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/mail:
server {
    listen 80;
    listen [::]:80;
    server_name mail.kingsy.co.uk;

    # Commend and uncomment to renew SSL
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name mail.kingsy.co.uk;
    root /var/www/roundcubemail/public_html;
    error_log   /var/log/nginx/mail.log;
    access_log  /var/log/nginx/mail.log;

    ssl_certificate /etc/letsencrypt/live/mail.kingsy.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/mail.kingsy.co.uk/privkey.pem;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}


# configuration file /etc/nginx/sites-enabled/rubbishremovalgateshead.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name rubbishremovalgateshead.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name rubbishremovalgateshead.co.uk;
    root /var/www/sites/rubbishremovalgateshead.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/rubbishremovalgateshead_nginx_error.log;
    access_log  /var/log/nginx/rubbishremovalgateshead_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/rubbishremovalgateshead.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/rubbishremovalgateshead.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/skip-hire-gateshead.co.uk:
server {
    listen 80;
    listen [::]:80;
    server_name skip-hire-gateshead.co.uk;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name skip-hire-gateshead.co.uk;
    root /var/www/sites/skip-hire-gateshead.co.uk/web;
    #root /var/www/sites/holding;
    error_log   /var/log/nginx/skip-hire-gateshead_nginx_error.log;
    access_log  /var/log/nginx/skip-hire-gateshead_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/skip-hire-gateshead.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/skip-hire-gateshead.co.uk/privkey.pem;

    #allow 86.25.200.26;
    #deny  all;

    client_max_body_size 20M;

    location / {
      try_files $uri $uri/ /index.php?$args;
    }


    location ~ \.php$ {
        try_files $fastcgi_script_name =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    index index.php index.htm index.html;

    # Prevent PHP scripts from being executed inside the uploads folder.
    location ~* /app/uploads/.*.php$ {
      deny all;
    }

    location ~ /\.git {
        deny all;
    }
}

# configuration file /etc/nginx/sites-enabled/www.kingsy.co.uk:
upstream nodejs_upstream {
    server 127.0.0.1:3000;
    keepalive 64;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name www.kingsy.co.uk;
    root /var/www/sites/kingsy.co.uk;
    error_log   /var/log/nginx/kingsy_nginx_error.log;
    access_log  /var/log/nginx/kingsy_nginx_access.log;

    ssl_certificate /etc/letsencrypt/live/www.kingsy.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.kingsy.co.uk/privkey.pem;

    client_max_body_size 20M;

    location / {
    	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Real-IP $remote_addr;
    	proxy_set_header Host $http_host;

    	proxy_http_version 1.1;
    	proxy_set_header Upgrade $http_upgrade;
    	proxy_set_header Connection "upgrade";

    	proxy_pass http://nodejs_upstream/;
    	proxy_redirect off;
    	proxy_read_timeout 240s;
    }

}
1 Like

For legibility, please edit the post above and add three backticks above and below it.
Like:

```
your post
your post
your post
```

1 Like

Apologies for that, done

2 Likes

I can't find anything wrong with the config...

That only leaves one thing: nginx is having "issues".
At your earliest convenience, I would stop nginx and check to see if any nginx processes are still running. If so, that could explain what is going on here.
You would have to kill those remaining processes and then restart nginx.

1 Like

ok will do,
I could also remove ALL other websites from the config and leave only dev.kingsy.co.uk perhaps and try again?

1 Like

No that won't fix a "stray" process.

1 Like

Simple 3-step test:
ps -ef | grep nginx
systemctl stop nginx
ps -ef | grep nginx

If you still see any nginx, then we found the problem.
[you should see them only before the stop]

1 Like

Interesting!!!
So after stopping nginx, removing all other config

nginx -t now says

kingsy# nginx -t
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/dev.kingsy.co.uk:9
nginx: configuration file /etc/nginx/nginx.conf test failed

1 Like

Lets have a look at that "missing" file:
ls -l /etc/letsencrypt/live/dev.kingsy.co.uk/fullchain.pem
cat /etc/letsencrypt/live/dev.kingsy.co.uk/fullchain.pem

and
cat /etc/nginx/sites-enabled/dev.kingsy.co.uk

1 Like

OH NO!!!!!!
It was a missing semi colon.....

    index index.php

    ssl_certificate /etc/letsencrypt/live/dev.kingsy.co.uk/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/dev.kingsy.co.uk/privkey.pem;

WHY in the world wouldnt nginx -t flag that before I stopped it?

Thats so so annoying. :smiley: :smiley:

2 Likes

Now it works - https://dev.kingsy.co.uk/ has a certificate.

1 Like

Agreed.
With a missing semi-colon, it should NOT have passed the test.
[false positive]

1 Like

I am gutted, so sorry to waste both of your time. but I was really really stuck with that.

I very much appreciate your fast responses and ultimately helping out with an issue that wasn't related to lets encrypt.

Amazing thanks so much.

2 Likes

Totally agree, I am really confused with out the application acted.

Slightly concerning

1 Like

Be grateful you use nginx.
I find apache to be 10 times worse at such checks!

2 Likes

4 posts were split to a new topic: No "ssl_certificate" is defined for the "listen ... ssl" directive

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.