Every time I try to renew my letsencrypt certificate it fails with a 404 error using nginx and certbot. I managed to fix it by modifying the configuration file to a basic one, but this prevents the certificate from auto-renewing, so every 3 months I have to repeat the operation. Could you help me to find out where the problem is?
My actual domain conf (acuar.io.conf) -- This code is working to operate the website but not for renewal
# Odoo servers
upstream odoo {
server 127.0.0.1:8069;
}
upstream odoochat {
server 127.0.0.1:8072;
}
# HTTP -> HTTPS
server {
listen 80;
server_name www.acuar.io acuar.io;
include snippets/letsencrypt.conf;
return 301 https://acuar.io$request_uri;
}
# WWW -> NON WWW
server {
listen 443 ssl http2;
server_name www.acuar.io;
ssl_certificate /etc/letsencrypt/live/acuar.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/acuar.io/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/acuar.io/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
return 301 https://acuar.io$request_uri;
}
server {
listen 443 ssl http2;
server_name acuar.io;
proxy_read_timeout 720s;
proxy_connect_timeout 720s;
proxy_send_timeout 720s;
# Proxy headers
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
# SSL parameters
ssl_certificate /etc/letsencrypt/live/acuar.io/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/acuar.io/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/acuar.io/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;
# log files
access_log /var/log/nginx/odoo.access.log;
error_log /var/log/nginx/odoo.error.log;
# Handle longpoll requests
location /longpolling {
proxy_pass http://odoochat;
}
# Handle / requests
location / {
proxy_redirect off;
proxy_pass http://odoo;
}
# Cache static files
location ~* /web/static/ {
proxy_cache_valid 200 90m;
proxy_buffering on;
expires 864000;
proxy_pass http://odoo;
}
# Gzip
gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
gzip on;
}
The code I have to setup to get certificate renewal working:
server {
listen 80;
server_name acuar.io www.acuar.io;
include snippets/letsencrypt.conf;
}
Thank you very much for your help
After a lot of tries i managed to make a workaround, I'm sure there may be better options but at least it works:
I commented the line where the code redirects HTTP to HTTPS:
# HTTP -> HTTPS server { listen 80; server_name www.acuar.io acuar.io; include snippets/letsencrypt.conf; # return 301 https://acuar.io$request_uri; }
The problem, as long as I understood was Cerbot needs to access the server in HTTP but the server was already forcing all trafic to HTTP.
If anyone have a better way to make this i really apreciate the help. In any case I hope this will help someone in the same error like me.
Thanks
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.