Using non system nginx

robertkwild · April 5, 2022, 1:22pm

hi all

so when i run this

certbot certonly --nginx

says its not running on this server but this server is running nginx, just it doesnt use the system one, uses another one installed by another sofware and its running in

/opt/aspera/shares/nginx

is there anyway i can make certbot use the software installed nginx version?

thanks,
rob

MikeMcQ · April 5, 2022, 1:29pm

Maybe. You could try setting these options on certbot command:

nginx:
  Nginx Web Server plugin

  --nginx-server-root NGINX_SERVER_ROOT
                        Nginx server root directory. (default: /etc/nginx or
                        /usr/local/etc/nginx)
  --nginx-ctl NGINX_CTL
                        Path to the 'nginx' binary, used for 'configtest' and
                        retrieving nginx version number. (default: nginx)

robertkwild · April 5, 2022, 1:38pm

doesnt work, i get this

certbot certonly --nginx-server-root /opt/aspera/shares/etc/nginx -d domain.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log

How would you like to authenticate with the ACME CA?

1: Apache Web Server plugin (apache)
2: Spin up a temporary webserver (standalone)
3: Place files in webroot directory (webroot)

MikeMcQ · April 5, 2022, 1:40pm

I think you also need to include --nginx to specify that plug-in. The extra options are for that plugin.

robertkwild · April 5, 2022, 1:43pm

tried to put the --nginx option either end of the nginx server root option and same reseult

when i put it at the end, get no error just syntax wrong

certbot certonly --nginx --nginx-server-root /opt/aspera/shares/etc/nginx -d domain.com
Saving debug log to /var/log/letsencrypt/letsencrypt.log
The nginx plugin is not working; there may be problems with your existing configuration.
The error was: NoInstallationError("Could not find a usable 'nginx' binary. Ensure nginx exists, the binary is executable, and your PATH is set correctly.")

9peppe · April 5, 2022, 1:45pm

I think you need to add this too.

--nginx-ctl "$(which nginx)"

(this is hacky as shit, put the actual path, even more when certbot complains about your PATH)

robertkwild · April 5, 2022, 1:46pm

when you say the actual path, do you mean the server root, like below

/opt/aspera/shares/etc/nginx

9peppe · April 5, 2022, 1:47pm

two different options, one points to the config (this is the one you have already), another to the nginx executable itself.

robertkwild · April 5, 2022, 1:55pm

job done!!!!

certbot certonly --nginx --nginx-server-root /opt/aspera/shares/etc/nginx --nginx-ctl /opt/aspera/shares/sbin/nginx -d domain.com

and i spose renew, just make a crontab

0 09,21 * * * certbot renew

9peppe · April 5, 2022, 2:07pm

You might already have one, or a systemd timer.

Check in /etc/cron.d and in systemctl list-timers

(if you add it manually, I'd add -q, as in certbot renew -q)

system · May 5, 2022, 2:07pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Certbot - Running Certbot on a Machine that is Not the Web Server Means Challenges Fail Help	5	2527	July 12, 2017
How does certbot's --nginx plug-in work in certonly mode? Help	11	3483	November 11, 2020
Is it OK to certbot "run" with non-installing plugins? Help	5	940	October 15, 2021
Set up certbot with nginx built with ngx_pagespeed Help	9	1906	April 20, 2018
Unable to reniew certificate Help	14	985	January 8, 2020

Using non system nginx

Related topics