Let's encrypt Nginx

All the command that I use for Let's encrypt

Install Certbot

sudo add-apt-repository ppa:certbot/certbot
sudo apt install python-certbot-nginx

Troubleshoot Installing certbot

when using ubuntu 20.04 shows error

The repository 'http://ppa.launchpad.net/certbot/certbot/ubuntu focal Release' does not have a Release file.

for now use one liner

curl -o- https://raw.githubusercontent.com/vinyll/certbot-install/master/install.sh | bash

Troubleshoot "Nginx is unable to bind to 443 / 80" after applying certbot

sudo fuser -k 80/tcp

Deprecated on 20.04

sudo apt-get install python3-certbot-nginx

Process Certbot Domain

sudo certbot --nginx -d example.com -d www.example.com
sudo certbot renew --dry-run

Check all certificate

sudo certbot certificates

Adding subdomain from existing certificate

lets say you've done this
sudo certbot --nginx -d example.com -d www.example.com
then just rewrite it again
sudo certbot --nginx -d example.com -d www.example.com - second.example.com

Delete certificate

sudo certbot delete --cert-name example.com


Certbot renew error – Invalid response from

  1. Try to make folder .well-known/acme-challenge/test.html and run it to browser if works try again.
  2. Try to stop nginx and start it again... not reload but to stop first and start again.

certbot no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking

when you want you non www / www to be added using certbot

server {
        listen 443 default_server; // add default_server not ssl

        server_name linkfil.io;

        return 301 https://www.linkfil.io$request_uri;

        ssl_certificate /etc/letsencrypt/live/domain/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/domain/privkey.pem; # managed by Certbot

and try to turn off proxy if you're using cloudflare

Worth to look

  • /etc/letsencrypt/archive
  • /etc/letsencrypt/live
  • /etc/letsencrypt/renewal

Subscribe to You Live What You Learn

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
[email protected]