Why did my server set up another Server Block Config file on NGINX automatically after running certbot?

After running certbot on my Ubuntu 22.04.2 server, it created another Server Block Config file. I can't work out why, but it seemed to downgrade the SSL certificate, I think due to this? From an A to B. I deleted this server since it is in the cloud, and I plan to start the entire setup again from scratch; however, I want to get the SSL certificate 100% working this time. I usually go through the following tutorials, not skipping anything. Any advice on this would be much appreciated.

  1. Initial Server Setup with Ubuntu 22.04 | DigitalOcean
  2. How To Install Nginx on Ubuntu 22.04 | DigitalOcean
  3. How To Secure Nginx with Let's Encrypt on Ubuntu 22.04 | DigitalOcean

Are you talking about the SSL Labs report grade? What was the reason for the B? It probably wasn't related to the cert but to something else in the HTTPS configuration. Without knowing what that was it is hard to advise.

As for the new server block, that is normal. Certbot's nginx plug-in will create, if needed, a server block to handle port 443 (https) based on the config in your port 80 server block (http).

You can't get a grade from SSL Labs until you have https working so something doesn't sound right. Your articles don't have you configuring https in advance so it would be easier to see the SSL Labs report itself. Please share the domain name once it is working again.


I am going to set it up again in an hour following through all the instructions again exactly in the 3 links. I will update later here, many thanks for your response! I can't remember what the SSL Labs report grade said, but once I do it again I will paste it here.


"Why did my server set up another Server Block Config file on NGINX automatically after running certbot?"

Per certbot documentation:
Using the nginx plugin will cause it to do so.
"Automates obtaining and installing a certificate with Nginx."
https://eff-certbot.readthedocs.io/en/stable/using.html

So, the answer to your question is that you asked certbot to install the cert into nginx.


Thanks for this! This is useful to know! It sounds like from my talk with ChatGPT also, that Server Block Config Files do not conflict with one another because it will be read as the directory not just a single file within that directory? It is taking me a bit longer today to set this up due to internet outages nationally anyhow.


Not sure what that means. nginx uses the base config file and anything you *include*.

You can see your entire nginx active config with this (note the capital T):

sudo nginx -T

Yeah this is what confuses me so much, when running that command it all checks out fine with the additional file How To Install Nginx on Ubuntu 22.04 | DigitalOcean but following this it also creates one for your domain then you have the main level config file. I mean I am gonna set up the server before saying anything further else I will just be guessing here to try and clarify.

Can you upload the config.txt file resulting from this?

sudo nginx -T >config.txt

That way we can see exactly what you are confused about.

After that initial step you have two server blocks. A default one and one specific to your domain. Both of these are just for processing incoming requests on port 80 (http).

Later, Certbot w/--nginx option will create another server block for handling https (port 443) based on the one for your domain handling port 80 (http).

You don't have to use --nginx such that it creates another server block. You can manually configure your own server block for https instead and use a different certbot command. But, usually that is only done by experienced admins and I don't think you are there yet :slight_smile:

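An added example, not written by anyone in this thread: a Python script that reads the `config.txt` produced by `sudo nginx -T >config.txt` and lists every server block with the file it came from, so the port 80 (http) and port 443 (https) blocks discussed above can be told apart. The sample dump, the `example.com` name and the function name are constructed for illustration.

```python
import re
import sys
# Constructed sample of `nginx -T` output; example.com is a placeholder domain.
SAMPLE = """\
# configuration file /etc/nginx/sites-enabled/default:
server {
    listen 80 default_server;
    server_name _;
}
# configuration file /etc/nginx/sites-enabled/example.com:
server {
    listen 80;
    server_name example.com;
    location / { try_files $uri $uri/ =404; }
}
server {
    listen 443 ssl;
    server_name example.com;
}
"""

FILE_HDR = re.compile(r"^# configuration file (.+):$")   # header nginx -T prints per file
DIRECTIVE = re.compile(r"^(listen|server_name)\s+([^;]+);")

def server_blocks(dump):
    """Return one dict per server block: source file, listen, server_name, tls flag."""
    blocks, current, depth, source = [], None, 0, None
    for raw in dump.splitlines():
        hdr = FILE_HDR.match(raw.strip())
        if hdr:
            source = hdr.group(1)
            continue
        line = raw.split("#", 1)[0].strip()          # drop trailing comments
        if current is None:
            if not re.match(r"server\s*\{", line):
                continue                             # outside any server block
            current = {"file": source, "listen": [], "server_name": []}
        elif depth == 1 and (m := DIRECTIVE.match(line)):
            current[m.group(1)].append(m.group(2).strip())   # only top-level directives
        depth += line.count("{") - line.count("}")   # nested location/if blocks stay inside
        if depth == 0:
            current["tls"] = any("ssl" in v.split() for v in current["listen"])
            blocks.append(current)
            current = None
    return blocks

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for b in server_blocks(text):
        print(b["file"], "https" if b["tls"] else "http", b["listen"], b["server_name"])
```

Run it as `python3 script.py config.txt`; with no argument it uses the constructed sample.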

You may do well with reading up on some basic nginx configuration.


Yeah I plan to honestly, I hoped to have done it by now, I am having issues with internet (Google Virgin Media to see what I mean lol) so most likely will do much later or tomorrow now :cry: sorry about this I usually provide as much info as I can.


I always skip the docs lol. Not a good idea, I thought the three tutorials I linked would get me through haha.

