Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is:
https://cmscontracts.com
(and wildcard variants such as https://psiscs.cmscontracts.com)
I ran this command:
sudo certbot --nginx --agree-tos --no-eff-email --no-redirect --keep-until-expiring -m [hidden]@example.com -d cmscontracts.com -d *.cmscontracts.com
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx
Cert not yet due for renewal
Keeping the existing certificate
Deploying Certificate to VirtualHost /etc/nginx/sites-enabled/chronicle.conf
Which server blocks would you like to modify?
1: File: /etc/nginx/sites-enabled/signyl_for_supply_chain.conf
Addresses: 443 ssl
Names: rails1, signyl_for_supply_chain, signyl.psiapps.com
HTTPS: Yes
2: File: /etc/nginx/sites-enabled/signyl_for_rehab.conf
Addresses: 443 ssl
Names: signyl_for_rehab, rails1, rehab.psiapps.com
HTTPS: Yes
3: File: /etc/nginx/sites-enabled/chronicle.conf
Addresses: 443 ssl
Names: chronicle, cmscontracts.com, *.cmscontracts.com, rails1
HTTPS: Yes
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter ācā to cancel):
My web server is (include version): nginx version:
nginx/1.16.1
The operating system my web server runs on is (include version):
Linux rails1 4.15.0-1057-aws #59-Ubuntu SMP Wed Dec 4 10:02:00 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
My hosting provider, if applicable, is:
N/A
I can login to a root shell on my machine (yes or no, or I donāt know):
YES
Iām using a control panel to manage my site (no, or provide the name and version of the control panel):
NO
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if youāre using Certbot):
certbot 0.31.0
Additional info:
The āserver_nameā in the Nginx config of the appropriate .conf file is
server_name cmscontracts.com *.cmscontracts.com chronicle rails1;
Iāve tried lots of different domain name combinations. But as long as thereās a * in the server_name, cerbot is unable to identify the server block. It works fine for my other sites that have a non-wildcard domains.
I need to automate the certbot command in a Chef recipe. So I am unable to respond to the prompt.
Thanks for any help.
-Will