Let's encrypt Nginx

All the command that I use for Let's encrypt

Install Certbot

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

Process Certbot Domain

sudo certbot --nginx -d example.com -d www.example.com
sudo certbot renew --dry-run

Check all certificate

sudo certbot certificates

Adding subdomain from existing certificate

lets say you've done this
sudo certbot --nginx -d example.com -d www.example.com
then just rewrite it again
sudo certbot --nginx -d example.com -d www.example.com - second.example.com

Delete certificate

sudo certbot delete --cert-name example.com

Troubleshooting

Certbot renew error – Invalid response from

1. Try to make folder .well-known/acme-challenge/test.html and run it to browser if works try again.
2. Try to stop nginx and start it again... not reload but to stop first and start again.

certbot no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking

when you want you non www / www to be added using certbot

server {
        listen 443 default_server; // add default_server not ssl

        server_name linkfil.io;

        return 301 https://www.linkfil.io$request_uri;

        ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem; # managed by Certbot
}

and try to turn off proxy if you're using cloudflare

Worth to look

• /etc/letsencrypt/archive
• /etc/letsencrypt/live
• /etc/letsencrypt/renewal