My domain is:
sdxlive.com
in /etc/nginx/:sites-enabled/git.sdxlive.com.conf
ssl_certificate /etc/nginx/tls/sdxlive.com.chained.crt;
ssl_certificate_key /etc/nginx/tls/sdxlive.com_rsakey.pem;
systemctl restart nginx
It produced this output:
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2019-09-24 17:56:10 CEST; 1s ago
Docs: man:nginx(8)
Process: 26779 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 26794 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 26795 (nginx)
Tasks: 5 (limit: 4915)
Memory: 13.6M
CGroup: /system.slice/nginx.service
├─26795 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
├─26796 nginx: worker process
├─26797 nginx: worker process
├─26798 nginx: worker process
└─26799 nginx: worker process
Sep 24 17:56:10 systemd[1]: Starting A high performance web server and a reverse proxy server…
Sep 24 17:56:10 systemd[1]: Started A high performance web server and a reverse proxy server.
My web server is (include version):
nginx 1.17.3
The operating system my web server runs on is (include version):
Ubuntu 19.10
I can login to a root shell on my machine (yes or no, or I don’t know):
yes
The version of my client is (e.g. output of certbot --version
or certbot-auto --version
if you’re using Certbot):
ansible 2.8.5
So, there is no issue with a lets encrypt SAN certificate: chrome is happy with it.
Switching to a lets encrypt wildcard certificate and restarting nginx makes chrome frown with a “invalid certificate” wince.
The wildcard certificate has just been successfully obtained from let’s encrypt.
Since then, I have switched back to a SAN certificate.