We were unable to install your certificate

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:https://superadmin.bprodevelopment.com/
I ran this command:certbot --nginx
It produced this output: Saving debug log to /var/log/letsencrypt/letsencrypt.log

Plugins selected: Authenticator nginx, Installer nginx

Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org

Which names would you like to activate HTTPS for?

1: bprodevelopment.com

2: appengine.bprodevelopment.com

3: sa2.bprodevelopment.com

4: superadmin.bprodevelopment.com

Select the appropriate numbers separated by commas and/or spaces, or leave input

blank to select all options shown (Enter 'c' to cancel): 1

Obtaining a new certificate

Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/default.conf

nginx: [emerg] "ssl_certificate" directive is duplicate in /etc/nginx/sites-enabled/default.conf:108

Rolling back to previous server configuration...

nginx restart failed:

b''

b''

IMPORTANT NOTES:

- We were unable to install your certificate, however, we

successfully restored your server to its prior configuration.

• Congratulations! Your certificate and chain have been saved at:

/etc/letsencrypt/live/bprodevelopment.com-0003/fullchain.pem

Your key file has been saved at:

/etc/letsencrypt/live/bprodevelopment.com-0003/privkey.pem

Your cert will expire on 2021-02-28. To obtain a new or tweaked

version of this certificate in the future, simply run certbot again

with the "certonly" option. To non-interactively renew all of

your certificates, run "certbot renew"

My web server is (include version):nginx

The operating system my web server runs on is (include version):ubuntu

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):

Hi @rajeev3555

there

is your job. Fix that.

Then

nginx -T

@JuergenAuer, I think that duplication may have been caused by Certbot's nginx integration here. The directive wasn't necessarily duplicated before Certbot attempted to install the new certificate.

@rajeev3555 I think the existence of the bprodevelopment.com-0003 here suggests that you've been issuing some duplicative overlapping certificates with Certbot, which may have contributed to the problem. If you run certbot certificates, you can see a list of the Certbot-managed certificates and their current domain coverage. You may want to ensure that your nginx configuration is organized the way you expect (with regard to server blocks and domain names that they're responsible for), and try to use Certbot to obtain certificates that cover all of the names that a given server block is responsible for.

If Certbot produced this duplicate directive error when attempting to install a certificate, though, I think that could be considered a bug in Certbot (even if you were using Certbot in an unusual way or accidentally overlapping the coverage of an existing certificate). Which version of Certbot are you running here?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.