Renew ssl certificate

Change the server block for port 80 to something like below. You currently redirect all acme challenges to your port 443 server which forwards the request to the localhost proxy. You did not show what the webroot path was for that proxy. But, it is better to handle the acme challenge in http server anyway.

server {
    listen          80;
    server_name     example.com;

    # ACME http challenges
    location /.well-known/acme-challenge/ {
      root /var/www/html;     # matches name in certbot webroot folder
    }

    # Redirect all others
    location / {
      return 301 https://$host$request_uri;
    }
}

 
2 Likes

Thank you so much, i could solve failed authorization error, when i applied salt minion state.apply letsencrypt, i still get in my website connection not secure,
please let me know what i have to do.

1 Like

i applied manually certbot renew --webroot --cert-name "example.com",
renew is success
in my webpage i still get connection is not secure
How much does it take to apply the renewal to website?

That depends on your webserver.

Running sudo service nginx reload should do it.

Certbot would've done on its own but you specified certonly.

Next time, run

certbot renew --cert-name "example.com" --deploy-hook "service nginx reload"

1 Like

Thank you so much, my website is now secure.
letsencrypt community helped alot.

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.