Update the domain

Help
22

Yes, but only the ggiftzdev.club domain
www.ggiftzdev.club I don't need
Here's the result.

root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# sudo nginx -s reload
root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# sudo certbot certonly --nginx -d "ggiftzdev.club" --dry-run
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Cert not due for renewal, but simulating renewal for dry run
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for ggiftzdev.club
Using default address 80 for authentication.
Waiting for verification...
Cleaning up challenges

IMPORTANT NOTES:
 - The dry run was successful.
1 Like
23

Now you can get a real cert :slight_smile:

Unless you already have you...
Check what you have with:
certbot certificates

4 Likes
24

There is an error

root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log
*Renewal configuration file /etc/letsencrypt/renewal/ggiftzdev.club.conf produced an unexpected error: renewal config file {} is missing a required file reference. Skipping.*

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: ggiftzdev.club-0001
    Domains: ggiftzdev.club
    Expiry Date: 2022-02-01 14:49:13+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/ggiftzdev.club-0001/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ggiftzdev.club-0001/privkey.pem

The following renewal configurations were invalid:
  /etc/letsencrypt/renewal/ggiftzdev.club.conf
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
25

I get an error along the way when I deploy

Screenshot 2021-11-03 at 20.04.11
Screenshot 2021-11-03 at 20.04.11885×235 35.4 KB

26

You can remove that cert with:
certbot delete --cert-name ggiftzdev.club

Then retry:
certbot certificates

and your deploy

5 Likes
27

It worked certbot delete --cert-name ggiftzdev.club

root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: ggiftzdev.club-0001
    Domains: ggiftzdev.club
    Expiry Date: 2022-02-01 14:49:13+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/ggiftzdev.club-0001/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ggiftzdev.club-0001/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

But I still get an error when deploying :frowning:

1 Like
28

hmm...
Perhaps it requires the path without the "-0001".

Let's try this:

  • reissue the cert, so that is doesn't have the "-0001", with the old cert-name
    Try:
    sudo certbot --cert-name "ggiftzdev.club" certonly --nginx -d "ggiftzdev.club"
    to confiirm, show:
    certbot certificates

then

  • remove the current cert
    certbot delete --cert-name ggiftzdev.club-0001
4 Likes
29

That didn't work for the deploy :cry:

root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: ggiftzdev.club
    Domains: ggiftzdev.club
    Expiry Date: 2022-02-01 17:25:06+00:00 (VALID: 89 days)
    Certificate Path: /etc/letsencrypt/live/ggiftzdev.club/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/ggiftzdev.club/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1 Like
30

Based on reading the last 15 posts or so, it looks like you didn't follow my previous instructions:

The problems you are currently facing are a direct result of not following those instructions. I'm happy to help, but I'm not going to be a parrot. :parrot:

4 Likes
31

I'm sorry, did I miss something?
Let me go to I'll double-check everything.
The only thing I haven't figured out is the 521 error.
But I figured it was caused by cloudflare, which I gave up because it's not good friends with nginx.

3 Likes
32

I just don't need a second domain www.ggiftzdev.club.
Please excuse me for wasting your time, but without your help it will take me a very long time to do all this as I am a newbie doing this for the first time.
I was given it like this and told to make it work.
I really hope for your understanding and help

3 Likes
33

I get it and I know it's easy to get lost in the mix. The instructions that I provided in the two posts I just referenced are critical for cleaning up your certbot data, setting Cloudflare to not interfere in the certificate turnup process, and fixing your nginx configuration. Without doing those things, you will keep hitting the same walls.

5 Likes
34

I hear you!
Now I'm facing a new error

root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# sudo nginx -T
nginx: [emerg] open() "/etc/nginx/sites-enabled/default" failed (40: Too many levels of symbolic links) in /etc/nginx/nginx.conf:62
nginx: configuration file /etc/nginx/nginx.conf test failed
1 Like
35

found a program in which you can visually see folders.
What should I do with it?
Screenshot 2021-11-03 at 22.29.58

1 Like
36

Show us that file.
[we should find something (interesting) in line 62]

4 Likes
37 
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;

events {
	worker_connections 768;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}
1 Like
39

Line 62 is:
include /etc/nginx/sites-enabled/*;

Please show us:
ls -la /etc/nginx/sites-enabled/*
ls -la /etc/nginx/sites-enabled/

[scavenger hunt...]

4 Likes
40 
root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# ls -la /etc/nginx/sites-enabled/*
ls: cannot access '/etc/nginx/sites-enabled/*': No such file or directory
1 Like
41

Sorry!
Try without the "*"
ls -la /etc/nginx/sites-enabled/

4 Likes
42 
root@ubuntu-s-1vcpu-1gb-intel-nyc1-01:~# ls -la /etc/nginx/sites-enabled/
total 8
drwxr-xr-x 2 root root 4096 Nov  3 20:58 .
drwxr-xr-x 8 root root 4096 Nov  3 19:51 ..
1 Like