My domain is: http://fts.pixellicio.us
I ran this command: sudo certbot --nginx
It produced this output:
root@ftsweb:~# sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Error while running nginx -c /etc/nginx/nginx.conf -t.
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/default:21
nginx: configuration file /etc/nginx/nginx.conf test failed
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: MisconfigurationError('Error while running nginx -c /etc/nginx/nginx.conf -t.\n\nnginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/default:21\nnginx: configuration file /etc/nginx/nginx.conf test failed\n')
root@ftsweb:~# sudo certbot renew --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
No simulated renewals were attempted.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
root@ftsweb:~#
My web server is (include version):
Flask 3.0
The operating system my web server runs on is (include version):
Ubuntu 20
My hosting provider, if applicable, is:
RoyaleHosting
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
No, I am running it on the command line. I am trying to move to nginx to free up the command line when the server is running and add HTTPS support but I keep running into these issues. I am SSH'd into the server.
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
2.7.3
^Croot@ftsweb:~/fts_web# service nginx start
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
root@ftsweb:~/fts_web# nginx
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/default:21
root@ftsweb:~/fts_web# nginx -t
nginx: [emerg] no "ssl_certificate" is defined for the "listen ... ssl" directive in /etc/nginx/sites-enabled/default:21
nginx: configuration file /etc/nginx/nginx.conf test failed
root@ftsweb:~/fts_web#
As described by nginx, your .../sites-enabled/default file has an invalid statement on line 21. My guess is you have a listen 443 ssl; statement in a server block without any ssl certificates defined. You cannot have partly enabled server blocks in nginx. If you don't yet have any certs you should not have an ssl server block defined.
If you post your entire default file someone might be able to help. I was just about to sign off for the nite so probably wont be me.
Well, sorry, but this isn't a general-purpose nginx support site. With a quick glance I don't think you even followed that blog very well. Maybe someone else will chime in but you should at least remove those two listen clauses for port 443 when you don't have any ssl certs defined.
I think you have a lot of learning to do and certs are not your biggest problem.
Didn't say I had fully followed it. I was trying to but got stuck on the certificate not working. Is it worth it to just start over again? I have http working but not https.
you have a broken nginx. First fix it so you can stop and start it successfully. I also just realized you have your domain proxied at Cloudflare so using their CDN. You might want to consider using their origin CA certificate instead. See their docs