Updated certbot, now nginx serves 404s to LE and gets “invalid response”

When you renewed it just now with the updated port, it updated the .conf file in /etc/letsencrypt/renewal with the new port. As such, you don't need to change anything further.

:man_shrugging:. The way you've done it is fine, I think stuff like this largely comes down to sysadmin tastes.

The nginx authenticator in Certbot actually (temporarily) adds all of the /.well-known/acme-challenge/ nginx stanzas on its own during authentication, so the one you have configured on your own is redundant. It would be useful if you used the webroot authenticator (as in a couple of posts back). But it's not a big deal.

At version 1.5.0, definitely, yes.

1 Like