Nginx uses self-signed certificate instead of Let’s Encrypt one

Question

Nginx uses self-signed certificate instead of Let’s Encrypt one

nginx lets-encrypt

pds2k 5 years, 5 months ago

Hello Using Nginx for the first time. On CentOS 7.5.

Used https://certbot.eff.org/lets-encrypt/centosrhel7-nginx.html

Then after the issue https://www.nginx.com/blog/using-free-ssltls-certificates-from-lets-encrypt-with-nginx/

Have pem files in /etc/letsencrypt/live.

Created a conf file in /etc/nginx/conf.d. CertBot has not modified it.

Have “[alert] could not open error log file: open() "/var/log/nginx/error.log" failed (13: Permission denied)” after running “sudo nginx -t && nginx -s reload” Does not seem to be SELinux issue.

No nginx configuration file issue.
error log only had “2018/11/19 16:11:38 [notice] 32498#0: signal process started.”

Where to look next?

3 Replies

pds2k · Answer 1 · Nov. 21, 2018, 9:53 p.m.

pds2k 5 years, 4 months ago

Used http://nginx.org/en/docs/http/configuring_https_servers.html to manually configure nginx.
Set the /etc/nginx/conf.d/servername.conf file to be:

server {
listen 443 default_server;
listen [::]:443 default_server;
root /var/www/html;
server_name servername;
ssl_certificate /path/to/fullchain.pem;
ssl_certificate_key /path/to/privkey.pem;
ssl_protocols TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
}

Restarted nginx. Browsers still only see the self-signed cert.

pds2k · Answer 2 · Nov. 26, 2018, 6:17 p.m.

pds2k 5 years, 4 months ago

Have not seen anything helpful in:

/var/log/messages
/var/log/nginx/error.log, access.log
/var/log/letsencrypt/letsencrypt.log

pds2k · Answer 3 · Nov. 29, 2018, 2:43 p.m.

pds2k 5 years, 4 months ago

No way found to correct the error. VM deleted.

Compute

Storage

Databases

Networking

Developer Tools

Delivery

Security

Services

Industries

Pricing

Community

Engage With Us

Nginx uses self-signed certificate instead of Let’s Encrypt one

3 Replies

Reply

Tips: