Problems with server_name

I had to reinstall nginx on my server. Yesterday I got a new certificate for my domain and everything was find. But today when I tried to install the certificate one more time, I always received the problem finding the server_name on the /etc/nginx/sites-enable/waistudio.co file that is on /etc/nginx/sites-available/waistudio.co.
The config file is the same that I used yesterday, and the server name is correct.
I tried to remve the certificate and reinstall several times and now I reached the limit attemps.
I appreciate your help in order to know how i can solve this issue and if there is a way to have more attempts so I can try to have the certificate again.

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
waistudio.co

I ran this command:
sudo certbot --nginx -d waistudio.co -d www.waistudio.co

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Obtaining a new certificate
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/waistudio.co
Could not automatically find a matching server block for www.waistudio.co. Set the server_name directive to use
the Nginx installer.

IMPORTANT NOTES:

• Unable to install the certificate
• Congratulations! Your certificate and chain have been saved at:
  /etc/letsencrypt/live/waistudio.co/fullchain.pem
  Your key file has been saved at:
  /etc/letsencrypt/live/waistudio.co/privkey.pem
  Your cert will expire on 2021-05-04. To obtain a new or tweaked
  version of this certificate in the future, simply run certbot again
  with the "certonly" option. To non-interactively renew all of
  your certificates, run "certbot renew"

My web server is (include version):
Ubuntu 20.04 (LTS) x64

The operating system my web server runs on is (include version): Ubuntu 20.04 (LTS) x64

My hosting provider, if applicable, is:
Digital ocean

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
certbot 0.40.0

Hi @zabala1juan,

Is /etc/nginx/sites-available/waistudio.co not a symbolic link to /etc/nginx/sites-enable/waistudio.co? If these files are different, could you post the content of both?

I'm reading that backwards...
Maybe a third set of eyes can confirm.
S/B:
/sites-enabled/ >symlinks> /sites-available/

And you both wrote: /sites-enable/ not /sites-enabled/

Hi @schoen, Thanks for replying

I used a simbolic link, so both files are the same

image805×25 10.9 KB

The content of the file /etc/nginx/sites-available/waistudio.co is:

server {
listen 80;
listen [::]:80;

    root /var/www/waistudio.co/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name waistudio.co www.waistudio.com;

    location / {
            #try_files $uri $uri/ =404;
            try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
            include snippets/fastcgi-php.conf;
            fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
    }

    location ~ /\.ht {
            deny all;
    }
    location = /favicon.ico { log_not_found off; access_log off; }
    location = /robots.txt { log_not_found off; access_log off; allow all; }
    location ~* \.(css|gif|ico|jpeg|jpg|js|png)$ {
            expires max;
            log_not_found off;
    }

}

Thanks on advance for any help

@zabala1juan Please edit your post and add backticks above and below as exampled below:

```
YOUR POST
```

[backtick is found on US keyboards above the TAB key]

Yes, you're right that the link goes in the opposite direction. Thanks for catching that.

Aha, one of these says .co and the other says .com. I think that's probably the source of the problem!

Ohhh thanks a lot. I'm feel a little bit embarrassed. I think that should fix it. But I will have to wait until next Tuesday to test it.

You're awesome. Have a nice one

You might be able to use Certbot to reinstall your existing certificate (after fixing your nginx configuration) without reissuing it, assuming you haven't deleted it. Try adding --reinstall to your command line.

On my last attempted to solve the issue I deleted the fullchain key. I think I have no option but to wait.
Thanks again for your help.

The fullchain file is public and can easily be recreated.
The private key however can't.
So long as you have the private key you can rebuild the entire cert.

Do you still have the private key?
find /etc/letsencrypt/ -name privkey*

I used the sudo certbot revoke --cert-path /etc/letsencrypt/live/waistudio.co/fullchain.pem

And when I used certbot certificates I have no certificates at all.

I tried what you suggested but I can not find the key.
I used:
sudo find /etc/letsencrypt/ -name waistudio.co

Thanks for helping

Why?

I was trying different ways to fix the inicial problem and that was one of the steps, unistall certbot and the keys and tried again.

Where did you read that?
Or did you just assume it?

Revoking a cert is only done when the private key has been compromised or the domain is no longer under your control.

You had a problem [a hole in your wall].
And you tried to fix it [by breaking down all the walls].
And now you have to start over [and build a new house].
But you already issued 5 certs with the exact same set of names in the past 7 days:
so you will have to wait until Feb 9 to issue another one [the new house will require permits and materials that won't arrive for a few days; So work can't get started - now you must wait].

Thanks, I know, I'll be waiting.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.