Questions tagged as ['certbot']

Score: 0
DanRan avatar
Tunneling a LEMP server through an oracle instance with wireguard. Cannot get Nginx Certbot certificates on LEMP server. How to debug?
mx flag

I have a LEMP server at home running Ubuntu 22.02 and an Oracle cloud instance running Ubuntu 20.04. The Oracle cloud instance is acting as a Wireguard server. The LEMP server at home is acting as the Wireguard Client, and is being tunneled through the Oracle server in order to obtain an IP address that is different from my home IP address. I have set up this Wireguard Client/Server configuration per

Score: 1
certbot wildcard cert not a wildcard
fr flag

I did the following:

sh-3.2# certbot certonly --manual --preferred-challenges=dns --email --server --agree-tos -d *

and got results:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/l ...
Score: 1
How can I tell if an installed cert is wildcard or not
fr flag

I installed a cert for my server a while ago using certbot, and cant remember if I setup as a wildcard or not, What command can I run to see if it is or not?

Score: 0
Ekip_DetP avatar
Unable to renew a Certbot NGINX certificate
us flag

I have a NGINX server and I use Certbot to generate a Let's Encrypt certificate. I saw that my certificate was not renewing automatically despite the cron I had set up. I tried to renew it manually with the command:

$ certbot renew --cert-name --nginx
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration. The error  ...
Score: 0
Pranav avatar
Server refused to connect after installing SSL via Certbot | Docker + Nginx, AWS Lightsail
it flag

I have successfully managed to install SSL via certbot into my Nginx Docker container, but after installation, all traffic routed via HTTPS refuses to connect.

curl or curl https://the_ip_of_server

curl: (7) Failed to connect to port 443 after 9822 ms: Connection refused

~Port 443 is open on the server(AWS Lisghtsail)


<head& ...
Score: 0
robsch avatar
Change certbot renewal configurations to another Let’s Encrypt-Account
sa flag

Using certbot 1.26.0.

Due to moving some certificate configurations to another server and creating new ones, I now have got two accounts. That was not intended and I think I don't need two accounts.

All renewal files (in /etc/letsencrypt/renewal) contain server = and are all of the same kind (nginx configurations, where just the domain differs).

So,  ...

Score: 0
How do I set up a Let's Encrypt wildcard certificate for Apache on an Amazon Linux 2 AMI EC2 instance?
ug flag

I have a domain (let's say, and I currently have a Let's Encrypt certificate set up and properly working for and for Apache on an Amazon Linux 2 AMI EC2 instance, and I'm trying to reconfigure the certificate to set it up for a wildcard domain (i.e., *

I SSH'ed into the EC2 instance and ran the following command in an attempt to do this (with the rea ...

Score: 0
How to troubleshoot Ubuntu Certbot cron/timer?
us flag
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04.2 LTS
Release:        20.04
Codename:       focal

and have installed certbot via apt-get

My issue is that it is the second time that certificates expire and the cron(also systemd service) installed by certbot is not working.

I see this file created:


Description=Ru ...
Score: 0
ElliotDaly109 avatar
Dovecot refusing connection after extending CertBot certificates
iq flag

I have an Ubuntu server with a website and a setup with postfix, dovecot, and roundcube.

All was working well. But this week, I have extended the wordpress website from 1 single-site to 6 sites (multisites). As such, I extended the CertBot certificate with the new domains.

In order to do this, I added virtualhosts to /etc/apache2/sites-enabled/ I ran the certbot command for the domai ...

Score: 0
How to allow certbot to be able to access via nginx?
in flag

My nginx.conf file is as follows:

user www-data;
worker_processes auto;
pid /run/;
include /etc/nginx/modules-enabled/*.conf; 
#the above include brings in the following default files:

events {
        worker_connections 500;

http {
    include        /etc/nginx/proxy.conf;
    limi ...
Score: 0
LosmiNCL avatar
Certbot unauthorized and connection errors
in flag

I have a spring boot application on Google Cloud, CentOS 7. I wish to install SSL certificate via Let's Encrypt and Certbot. When I use certbot --apache -d command I receive an error:

enter image description here

My domain is registered on Namecheap. My A records on Google Cloud:

enter image description here

Also I provided google cloud nameservers in Namecheap like in this tutorial: ...

Score: 0
certbot creates a challenge owned by root:root and permissions 640 and apache can't access it - custom ACLs applied on parent directory
br flag

On my server I have special permissions that I set on my public_html folder.

First the sticky bit

chmod g+s /home/

Also default group permissions.

setfacl -m 'default:group::rwX' /home/

When I run my certbot command

certbot certonly \
        --webroot \
        -w /home/ -d

certbot will create a .well-known/acme-challenge ...

Score: 1
NginX website returns default page with HTTP (HTTPS works correctly)
br flag

This has to be a duplicate, but I have been searching for a long time and have not found anything.

When I type in the address of my website using http, I get the NginX default page (https works fine):

The NginX config file contains, at the end:

server {
    if ($host = {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name svija.l ...
Score: 0
Jesse avatar
Nginx not listening on new ports with systemctl reload nginx after adding config with a new port
vn flag

Not sure how to quickly summary this issue, so I will put my scenario in bulletpoints:

  • Normal basic nginx install
  • I only use https(443), so I removed all http(80) config
  • When you start nginx (or restart it), the process seems to listen on port 80 as well (ss -tulp)
  • When I add a config in /etc/nginx/sites-enabled with a listener on http(80) and then;
  • Reload nginx, using systemctl reload nginx (note: rel ...
Score: 1
Jaa avatar
Nginx reverse proxy stop domain from changing to local IP
in flag

I'm not familiar with any of this proxy stuff.

nginx config

I can't seem to find a solution to this issue. Right now when I type it redirects to the IP address How do I get it to visit that address but keep

I have port forwarding setup for nginx and if i remove "proxy_pass" it shows the nginx page with the domain url. which is what I want.

For server_name loca ...

Score: 0
Meadowlark Marsh avatar
Certbot cannot check challenge because of Apache "Redirect /"
cn flag

So there is this server that is all messed up but that is besides the point.

I ran certbot and it failed. Checked the vhost for port 80. It has the blanket redirect.

It dose not seem like it would cause a problem right? Well it is, I commented it out and certbot ran no problem.

So then I tired creating a new vhost just for certbot. "ServerName Directory /var/www/certbot" Then runn ...

Score: 0
erihenrique avatar
Error in multiple domains with nginx when add certboot certificate
in flag

I'm using an Ubuntu 20.04 server on Azure, with Nginx, PHP-FPM, and two websites.
The sites are and and They are with the certificate issued by certbot and working fine.
I added a third site with a different domain and it worked fine. But when I add certbot to this third site, they all stop working, and Nginx doesn’t stop and doesn't show any error. I added the c ...

Score: 0
Laughing Laugh wwwwwww avatar
After I ran certbot browsers cannot access css file
hu flag

After I ran certbot --nginx browsers cannot access css of my website.

style.css is located in ./styles of root of my site. The error is Failed to load resource: net::ERR_CERT_COMMON_NAME_INVALID style.css:1

Edited: string from my .html files (where is my site domain):

<link rel="stylesheet" type="text/css" href="">

Edited: my tree -p outpu ...

Score: 0
fugee ohu avatar
permission denied error for letsencrypt certificates
za flag

This error is from dovecot where it can't read the certificate because of permissions I tried changing permissions around, presently I have everything on 644 I understand the paths are only links to /etc/letsencrypt/archives file paths so I really don't know what's going on I don't know how perms on links effect the targets

mail dovecot: imap(example_user)<28542><mxY1sjPSlsxHvuNn>: 
 Panic: Se ...
Score: 0
How do I fix issue with renewing my certbot certificates on ubuntu
it flag

I am trying to renew my certbot certificates running the command cerbot renew and I get this error

2021-12-02 10:46:30,686:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2021-12-02 10:46:30,779:DEBUG:acme.client:Sending GET request to
2021-12-02 10:46:30,783:INFO:requests.packages.urllib3.connectionpool:Starting ...
Score: 0
Running certbot on an ECS instance
gh flag

I am trying to run certbot on an ECS instance which is running a docker image ( The image runs well and I have associated it with a custom subdomain using an elastic IP.

Trying to install and run certbot so I can have an Https connection has proven to be surprisingly difficult.

running as root, I install nginx with:

sudo amazon-linux-extras list | grep n ...
Score: 0
Dimitar Veljanovski avatar
How do I specify a port other than 80 when adding SSL certificate using Certbot?
us flag

I have a server which runs 2 different web servers (Apache and Nginx). The Apache server takes care of all the traffic directed to Wordpress sites whereas the Nginx server serves my Python API and React Web App.

Due to conflicting ports with Apache, I had to set up the API to run on port 88 and the React app to run on 90. I tested it this way and it worked. All the requests will be forwarded to 4 ...

Score: 0
Pagespeed cannot always access page (FAILED_DOCUMENT_REQUEST), SSL certification error?
in flag

I found that Google cannot access my page (this is a follow up of

Now I am thinking it might be a server configuration error.

I am using Letsencrypt certbot and the cloudflare-dns plugin to obtain a wildcard certificate. The page can be accessed just fine in Google Chrome and Firefox, but for example PageSpeed I ...

Score: 0
RevenueNexus RevenueNexus avatar
Suddenly getting SSL handshake errors
ie flag

I have a site on a Ubuntu 18.04.1 AWS Lightsail VM running a nginx webserver and using Letsencrypy certbot SSL. The site was running without problems but when I checked it today, client browser returned ERR_TOO_MANY_REDIRECTS and nginx error log shows

[crit] 2707#2707: *768 SSL_do_handshake() failed (SSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsuppor ...
Score: 0
Bix avatar
Does certbot mask apache2?
cn flag

I recently ran a certbot command using --webroot on a server. Everything worked fine for 8+ hours.

This morning my frontend went down. Upon investigation I discovered that the apache2 service was down. It was masked for some reason so I unmasked it. It restarted but did not work. I tried to run a configtest but apache2ctl was not found. I ran sudo apt install apache2. Now everything is working ag ...

Score: 2
nulldevops avatar
Nginx Docker Container stops working irregularly
cn flag

The server:

I use Nginx as a ingress-proxy for my server. Nginx runs within a Docker container.


    image: nginx:latest
      - "80:80"
      - "443:443"
      front-tier: {}
    restart: always
      - /var/lib/my-server/config/nginx_ingress:/etc/nginx/conf.d
      - /var/li ...
Score: 5
How can I disable "Subject Alternative Name" from being included in Certbot Let's Encrypt certificates?
ca flag

Using Certbot to install an R3 Let's Encrypt certificate on an nginx webserver causes all the other domains in the nginx configuration to be included under "Subject Alternative Name" on the certificate. This is undesirable for my use case.

I read the man page here and some other Stack Exchange posts here and here.

Regarding the use of alternative names, the man page says (and I don't fully understand):

Score: 0
Jonas avatar
Nginx: Reverse Proxy to Docker Container with SSL
es flag

On my Ubuntu (20) server I have a Docker container running on port 3000. I have now installed NGINX on the server and point a domain via a reverse proxy to the Docker container.

server {
    listen 80;

    location / {
        proxy_pass http://localhost:3000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_hea ...
Score: 0
Max avatar
Two domains server_names but separate SSL certificates in NGINX?
ng flag

My NGINX config has a single server defined, and in server-name I have both my domains listed. However, I'd like to keep their SSL certificates separate if possible. I tried using certbot twice, once for each domain, but it seems certbot changes the server's ssl_certificate path in the NGNIX config to match the second domain and overwrites the first domain. Is there a way around this?


Score: 0
Cant install certbot using snap return: Run configure hook of "certbot" snap if present
bm flag

I want to install certbot using snap, but when I tried Official instruction:

sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot

but returns:

error: cannot perform the following tasks:

  • Run configure hook of "certbot" snap if present (run hook "configure": /var/lib not root-owned 1000:1000)

Previously, I uninstalled certbot(from apt) by using the below command: