Check NGIX config
sudo nano /etc/nginx/sites-available/defaultEnsure server_name points to the proper DNS name
server_name server.example.com
Follow instructions at https://certbot.eff.org/lets-encrypt/ubuntufocal-nginx
stosc@auction01:/etc/nginx/sites-enabled$ sudo certbot --nginx
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: harvest.stosc.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Requesting a certificate for harvest.stosc.com
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/harvest.example.com/fullchain.pem
Key is saved at: /etc/letsencrypt/live/harvest.example.com/privkey.pem
This certificate expires on 2022-01-02.
These files will be updated when the certificate renews.
Certbot has set up a scheduled task to automatically renew this certificate in the background.
Deploying certificate
Successfully deployed certificate for harvest.stosc.com to /etc/nginx/sites-enabled/default
Congratulations! You have successfully enabled HTTPS on https://example.com
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
If you like Certbot, please consider supporting our work by:
* Donating to ISRG / Let's Encrypt: https://letsencrypt.org/donate
* Donating to EFF: https://eff.org/donate-le
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -Renew a cert
sudo certbot renew --dry-runList a cert
sudo certbot certificatesRevoke a cert
sudo certbot revoke --cert-path /etc/letsencrypt/archive/${YOUR_DOMAIN}/cert1.pem --reason keycompromise