Hey there, first at all thanks for reading. I have a problem with letsencrypt generate cert and validation from Postman and severals webhooks externals to my domain... the error es the same
"failed: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed."
My domain is: mispichos.com
I ran this command: certbot certificate is OK and server block too
"sudo certbot certonly --webroot -w /var/www/html -d www.mispichos.com -d mispichos.com"
It produced this output:
My web server is (include version):
Server: nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version):
ubuntu 18
My hosting provider, if applicable, is:
aws
I can login to a root shell on my machine (yes or no, or I don't know):
Yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
ssh private server
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you're using Certbot):
certbot 1.20.0
i use snap to install certbot
My config server blocks:
Expires map
map $sent_http_content_type $expires {
default off;
text/html epoch;
text/css max;
application/javascript max;
~image/ max;
font max;
}
server {
server_name www.mispichos.com;
return 301 $scheme://mispichos.com$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mispichos.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mispichos.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
server_name mispichos.com;
root "/var/www/html/new_repo/adssdadas";
if ($ssl_protocol = "") {
rewrite ^/(.*) https://$server_name/$1 permanent;
}
index index.html index.htm index.php;
charset utf-8;
expires $expires;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location /mp {
try_files $uri $uri/ /mp/index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
sendfile off;
client_max_body_size 100m;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
fastcgi_connect_timeout 300;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
}
location ~ /\.ht {
deny all;
}
# Necessary for Let's Encrypt Domain Name ownership validation
location ~ /.well-known {
allow all;
}
location ~* \.(ico|woff|ttf|otf|svg|woff2|eot)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public";
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/www.mispichos.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/www.mispichos.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = mispichos.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name mispichos.com;
listen 80;
return 404; # managed by Certbot
}
server {
if ($host = www.mispichos.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name www.mispichos.com;
listen 80;
return 404; # managed by Certbot
}