No "ssl_certificate" is defined for the "listen in le_http_01_cert_challenge.conf

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: uts.perrill.dev

I ran this command: certbot renew (selected vhost)

It produced this output:
blank to select all options shown (Enter 'c' to cancel): 107

Requesting a certificate for uts.perrill.dev

Performing the following challenges:

http-01 challenge for uts.perrill.dev

Cleaning up challenges

nginx restart failed:

nginx: [warn] duplicate value "any" in /etc/nginx/conf.d/gzip.conf:7

nginx: [warn] duplicate MIME type "text/plain" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "text/css" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "application/json" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "application/x-javascript" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "text/xml" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "application/xml" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "application/xml+rss" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "text/javascript" in /etc/nginx/conf.d/gzip.conf:9

nginx: [warn] duplicate MIME type "image/svg+xml" in /etc/nginx/conf.d/gzip.conf:9

nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/letsencrypt/le_http_01_cert_challenge.conf:1

Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

My web server is (include version):
nginx version: nginx/1.18.0 (Ubuntu)

The operating system my web server runs on is (include version):
Ubuntu 20

I can login to a root shell on my machine (yes or no, or I don't know): ssh root shell

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 1.30.0

Hello @dolson1, welcome to the Let's Encrypt community. :slightly_smiling_face:

With https://letsdebug.net/ HTTP-01 challenge I see this result https://letsdebug.net/uts.perrill.dev/1246777

1 Like

That's odd. Could you please post the full output of:

sudo nginx -T
4 Likes

This server does warn about duplicate MIME types but I'm not super concerned about that. Syntax tests fine. certbot run/renew has an issue when trying to restart nginx

root@dev2:/etc/nginx/conf.d# nginx -t
nginx: [warn] duplicate value "any" in /etc/nginx/conf.d/gzip.conf:7
nginx: [warn] duplicate MIME type "text/plain" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "text/css" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "application/json" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "application/x-javascript" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "text/xml" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "application/xml" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "application/xml+rss" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "text/javascript" in /etc/nginx/conf.d/gzip.conf:9
nginx: [warn] duplicate MIME type "image/svg+xml" in /etc/nginx/conf.d/gzip.conf:9
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
root@dev2:/etc/nginx/conf.d#

He'd asked for sudo nginx -T
(capital T but sudo may not be needed)

3 Likes

But that wouldn't be useful when nginx is running in the regular "mode", right? But only when Certbot has loaded the challenge using the nginx authenticator. So if the command doesn't turn out to be helpful, my suggestion would be to run sudo certbot renew --debug-challenges and try the sudo nginx -T command again while Certbot has loaded the challenge and is waiting for user input to proceed.

4 Likes

Yes, good point. That conf file is part of the temp changes the --nginx plug-in makes

4 Likes