Webroot/.well-known/acme-challenge is working but I still get an error

I am trying to generate ssl certificates for my site. I can access webroot/.well-known/acme-challenge and a file is generated there that I can access from the browser, so I feel like I’m almost there! :sunglasses: I have tried many different nginx configs but always get the same error.

I am using create-react-app for the front end and laravel for the backend.

My current nginx config:

    server {
            listen 80;
            listen [::]:80;

            root /var/www/html/suggestify-backend/public;
            index index.html index.htm index.php welcome.blade.php;

            server_name suggestify.io www.suggestify.io;

            charset utf-8;

            location ~* /api/ {
                    try_files $uri $uri/ /index.php?$query_string;


            location = /favicon.ico { access_log off; log_not_found off; }
            location = /robots.txt  { access_log off; log_not_found off; }

            access_log off;
            error_log  /var/log/nginx/react.app-error.log error;
            sendfile off;
            client_max_body_size 100m;

            location ~* /api/ {
                    try_files $uri $uri/ /index.php?$query_string;

            location ~ \.php$ {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
                    fastcgi_index index.php;
                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    fastcgi_intercept_errors off;
                    fastcgi_buffer_size 16k;
                    fastcgi_buffers 4 16k;
                    fastcgi_connect_timeout 300;
                    fastcgi_send_timeout 300;
                    fastcgi_read_timeout 300;
           location /.well-known/acme-challenge {
                    try_files $uri $uri/ /index.html$is_args$args;
            location /about {
                    try_files $uri $uri/ /index.html$is_args$args;
            location ~* / {
                    try_files $uri $uri/ /index.html$is_args$args;
            location ~ /\.ht {
                    deny all;

My domain is: www.suggestify.io

I ran this command: sudo certbot certonly --webroot --webroot-path=/var/www/html/suggestify-backend -d suggestify.io -d www.suggestify.io

It produced this output:

My web server is (include version): ec2

The operating system my web server runs on is (include version): Ubuntu 16.04

My hosting provider, if applicable, is: Route 53

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): no

Your nginx configuration says the webroot is:

root /var/www/html/suggestify-backend/public;

but in the certbot command you used /var/www/html/suggestify-backend (without /public)…

(incidentally, you may be following an old tutorial - certbot now has an --nginx plugin that works like the --apache plugin; that might also be worth a try)


That will teach me to read my terminal input, lol. I was just blindly using the up arrow over and over assuming the command was correct! I’ve successfully configured my first HTTPS server. Thanks!

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.