I'am trying to include two project on my domain with the same lets-encrypt configuration but i got an error can't run nginx

May 15, 2018 517 views
DNS Let's Encrypt Nginx Ubuntu 16.04

*here is my default file *

HTTP — redirect all traffic to HTTPS

server {
listen 80;
listen [::]:80 defaultserver ipv6only=on;
return 301 http://$host$request
uri;
}

HTTPS — proxy all requests to the Node app

server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name test.example.com;

# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/test.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.example.com/privkey.pem;

# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;

location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:5000/;
    proxy_ssl_session_reuse off;
    proxy_set_header Host $http_host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off; 
}

}

HTTPS — proxy all requests to the Node app

server {
# Enable HTTP/2
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name test2.example.com;

# Use the Let’s Encrypt certificates
ssl_certificate /etc/letsencrypt/live/test.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/test.example.com/privkey.pem;

# Include the SSL configuration from cipherli.st
include snippets/ssl-params.conf;

location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-NginX-Proxy true;
    proxy_pass http://localhost:5000/;
    proxy_ssl_session_reuse off;
    proxy_set_header Host $http_host;
    proxy_cache_bypass $http_upgrade;
    proxy_redirect off; 
}

}

**i am trying to include the new sub domain to certification

/opt/letsencrypt/certbot-auto --cert-name test.example.com -d test.example.com -d test1.example.com**

the error

nginx: [error] invalid PID number "" in "/run/nginx.pid"
Encountered exception during recovery
nginx restart failed:

Traceback (most recent call last):
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/errorhandler.py", line 103, in _callregistered
self.funcs-1
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/authhandler.py", line 308, in _cleanupchallenges
self.auth.cleanup(achalls)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbotnginx/configurator.py", line 1055, in cleanup
self.restart()
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot
nginx/configurator.py", line 846, in restart
nginxrestart(self.conf('ctl'), self.nginxconf)
File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbotnginx/configurator.py", line 1106, in nginxrestart
"nginx restart failed:\n%s\n%s" % (out.read(), err.read()))
MisconfigurationError: nginx restart failed:

An unexpected error occurred:
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 7: ordinal not in range(128)

both domain works but one with ssl and another without ssl
and i am always getting error when trying to restart nginx

4 Answers

From the errors you are seeing it looks like Nginx was not running on your system when you attempted to run LetsEncrypt. This is why the "invalid pid number" error shows up. Try running service nginx start before attempting to generate your certificate.

Thank you

i was not able to restart nginx but i found this command

sudo fuser -k 443/tcp
service nginx restart

and now it's working but still can't add ssl certification

i got this error
Failed to find executable apache2ctl in PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin

and this

UnicodeDecodeError: 'ascii' codec can't decode byte 0xe2 in position 7: ordinal not in range(128)

i fixed the problem by remove all comments :)
from nginx configuration

i removed this one
# Use the Let’s Encrypt certificates

Have another answer? Share your knowledge.