Hey,
I have been using Let’s Encrypt for several projects and thanks for making it free. The current project I am working on is a basically a website builder. There is one main domain and several sub domains, also I am redirecting different domains to different subdomains. I am hosting three servers on ubuntu 16.04 with nginx.
I was able to create the certs for the main domain venuenetwork.info. I am trying to create cert for kvmmysore.in which redirects to dog.venuenetwork.info using Godaddy forwarding.
The nginx configuration for venuenetwork.info is as below
server {
listen 80;
server_name api.venuenetwork.info;
root /home/ubuntu/;
location / {
#add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT';
proxy_pass http://localhost:8080;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/venuenetwork.info/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/venuenetwork.info/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name admin.venuenetwork.info;
root /home/ubuntu/;
location / {
add_header ‘Access-Control-Allow-Origin’ ‘*’;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;
proxy_pass http://localhost:7000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/venuenetwork.info/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/venuenetwork.info/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name venuenetwork.info .venuenetwork.info;
root /home/ubuntu/;
location / {
proxy_set_header Host $host;
add_header ‘Access-Control-Allow-Origin’ '’;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;
proxy_pass http://localhost:3000;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/venuenetwork.info/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/venuenetwork.info/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
The above configuration was edited automatically when I ran certbot command - sudo certbot --nginx -d venuenetwork.info -d www.venuenetwork.info
The nginx configuration for kvmmysore.in is as below
server {
listen 80;
server_name kvmmysore.in www.kvmmysore.in;
root /home/ubuntu/;
location / {
proxy_set_header Host $host;
add_header ‘Access-Control-Allow-Origin’ ‘*’;
add_header ‘Access-Control-Allow-Methods’ ‘GET, POST, OPTIONS’;
proxy_pass http://localhost:3000;
}
}
Now when I try to run the command I get the following
sudo certbot --nginx -d kvmmysore.in -d www.kvmmysore.in
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for kvmmysore.in
http-01 challenge for www.kvmmysore.in
nginx: [warn] conflicting server name “kvmmysore.in” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “www.kvmmysore.in” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “api.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “admin.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “*.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “api.venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “admin.venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “*.venuenetwork.info” on 0.0.0.0:443, ignored
Waiting for verification…
Cleaning up challenges
nginx: [warn] conflicting server name “kvmmysore.in” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “www.kvmmysore.in” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “api.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “admin.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “*.venuenetwork.info” on 0.0.0.0:80, ignored
nginx: [warn] conflicting server name “api.venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “admin.venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “venuenetwork.info” on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name “*.venuenetwork.info” on 0.0.0.0:443, ignored
Failed authorization procedure. www.kvmmysore.in (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://www.kvmmysore.in/.well-known/acme-challenge/fP2OonJQ_o8uU45vAToBd1sjo_ymJoxBjKUw6kjPZjk: "<!-- Server: P3PWPARKSTAT05 --><!DOCTYPE html><body style=“padding:0; margin:0;”><html><body><iframe src=“http://mcc.godaddy.com”, kvmmysore.in (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://kvmmysore.in/.well-known/acme-challenge/ZZFOZWwFzZfk2a26dk4l9Z7ZT4AWCQvxspTECXaMwYc: "<!-- Server: P3PWFWD004 --><!DOCTYPE html><body style=“padding:0; margin:0;”><html><body><iframe src=“http://mcc.godaddy.com/par”
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: www.kvmmysore.in
Type: unauthorized
Detail: Invalid response from
http://www.kvmmysore.in/.well-known/acme-challenge/fP2OonJQ_o8uU45vAToBd1sjo_ymJoxBjKUw6kjPZjk:
"<!-- Server: P3PWPARKSTAT05 --><!DOCTYPE html><body
style=“padding:0; margin:0;”><html><body><iframe
src=“http://mcc.godaddy.com”
Domain: kvmmysore.in
Type: unauthorized
Detail: Invalid response from
http://kvmmysore.in/.well-known/acme-challenge/ZZFOZWwFzZfk2a26dk4l9Z7ZT4AWCQvxspTECXaMwYc:
"<!-- Server: P3PWFWD004 --><!DOCTYPE html><body style="padding:0;
margin:0;"><html><body><iframe src=“http://mcc.godaddy.com/par”
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Please let me know how I solve this ? I will be making several such redirections of different domain to the subdomains of venuenetwork.info.