I have ran the client ./letsencrypt-auto certonly
then edited the nginx config file like the following.
Unfortunately when I restarted the server I was getting an error telling me that the certificate is not trusted.
Use fullchain.pem as your ssl_certificate as well as your ssl_trusted_certificate.
3 Likes
Same 
tried running site through https://dev.ssllabs.com/ssltest/index.html tests ?
Are you using the latest version of the client? Are you using any --server flag when running the client? Did you reload nginx after changing the cert?
Also https://dev.ssllabs.com/ssltest/analyze.html?d=raed.it&hideResults=on&latest says your cert is fine. The only thing wrong is that your cert is valid for www.raed.it, but not raed.it. You should really have TLS on both.
1 Like
Yes but I can't figure out the problem (may be a WWW redirect problem ?)
Yes just cloned the client
No I didn't use the --server flag
Yes I did reload nginx
^ that's probably the problem
It is a redirect problem. You’re allowing connections on https://raed.it (not explicitly, I know, but trust me, you are), and your cert isn’t valid for https://raed.it.
2 Likes
[quote=“Leliana, post:8, topic:5547, full:true”]
It is a redirect problem. You’re allowing connections on https://raed.it (not explicitly, I know, but trust me, you are), and your cert isn’t valid for https://raed.it.
[/quote] ah ha nice catch @Leliana
This is probably true.
If it is not much of problem, can you check my old config and suggest where/what to edit ?