Date: Sun, 11 Sep 2022 17:57:09 -0700 From: paul beard <paulbeard@gmail.com> To: FreeBSD-questions <freebsd-questions@freebsd.org> Subject: any nginx/letsencrypt experts out there? Message-ID: <CAMtcK2reN%2BDGjvdaJJ=3ppz4uK0RU8gJ1f4BY1kvJ%2B5xHqgOsg@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
--000000000000be193e05e8706098 Content-Type: text/plain; charset="UTF-8" Something seems to have gone wrong with a working nginx/letsencrypt installation. I suspect LE has changed some things while this system was running 11.4 and the update to 12.3 brought those changes to light. I have a www and cloud server under a single domain and a certificate for each. Not sure that's right but I think that's what LE/certbot came up with from reading nginx.conf (ie, it was setup and worked that way but might have always been wrong and I am just now catching up with that). The cloud.domain server loads just fine but the www.domain will not. There is additional confusion over www vs bare (non-www).domain. Again, that worked before w some rewriting and whatnot but seems not to work now. Requests for www. are now forced to the non-www listener and all the necessary bits (wordpress, etc) are in the www. server stanza. Also I can get openssl on the command line to work fine so there is a chance it's some goofy Apple Safari mishegas that needs sorting out. Is it better just have a single cert for *.domain? That makes more sense to me, not sure how this other situation came to be. -- Paul Beard / www.paulbeard.org/ --000000000000be193e05e8706098 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Something seems to have gone wrong with a working nginx/le= tsencrypt installation. I suspect LE has changed some things while this sys= tem was running 11.4 and the update to 12.3 brought those changes to light.= =C2=A0<div><br></div><div>I have a www and cloud server=C2=A0under a single= domain and a certificate for each. Not sure that's right but I think t= hat's what LE/certbot came up with from reading nginx.conf (ie, it was = setup and worked that way but might have always been wrong and I am just no= w catching up with that). The cloud.domain server loads just fine but the w= ww.domain will not. There is additional confusion=C2=A0over www vs bare (no= n-www).domain. Again, that worked before=C2=A0w some rewriting and whatnot = but seems not to work now. Requests=C2=A0for www. are now forced to the non= -www listener and all the necessary bits (wordpress, etc) are in the www. s= erver stanza.=C2=A0</div><div><br></div><div>Also I can get openssl on the = command line to work fine so there is a chance it's some goofy Apple Sa= fari mishegas that needs sorting out.=C2=A0</div><div><br></div><div>Is it = better just have a single cert for *.domain? That makes more sense to me, n= ot sure how this other situation came to be.=C2=A0</div><div><br></div><div= ><br></div><div><br></div><div><br></div><div><br clear=3D"all"><div><br></= div>-- <br><div dir=3D"ltr" class=3D"gmail_signature" data-smartmail=3D"gma= il_signature">Paul Beard / <a href=3D"http://www.paulbeard.org/" target=3D"= _blank">www.paulbeard.org/</a><br></div></div></div> --000000000000be193e05e8706098--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMtcK2reN%2BDGjvdaJJ=3ppz4uK0RU8gJ1f4BY1kvJ%2B5xHqgOsg>