Let's encrypt for multiple sites with different domains on same droplet

January 10, 2018 1.4k views
Nginx Let's Encrypt Debian

I’m running Debian 9.2 with nginx and let’s encrypt on a single droplet. I have got SSL to work on fine after following the tutorial for one domain with this default setup in sites-available:

server {
        listen 80;
        server_name primarydomain.com www.primarydomain.com;
        return 301 https://$server_name$request_uri;
}
server {
        # SSL configuration
        listen 443 ssl;

        server_name .primarydomain.com;

        root /usr/share/nginx/html/primarydomain.com;

        include /etc/nginx/sites-available/include;

        include snippets/ssl-primarydomain.com.conf;
        include snippets/ssl-params.conf;
}

But then I wanted to have another domain as well as subdomain connected to the same droplet but another /usr/share/nginx/html/ folder so I set it up like this:

#Primary
server {
        listen 80;
        server_name primarydomain.com www.primarydomain.com;
        return 301 https://$server_name$request_uri;
}
server {
        # SSL configuration
        listen 443 ssl;

        server_name .primarydomain.com www.primarydomain.com;

        root /usr/share/nginx/html/primarydomain.com;

        include /etc/nginx/sites-available/include;

        include snippets/ssl-primarydomain.com.conf;
        include snippets/ssl-params.conf;
}

#Test.Primary
server {
        listen 80;
        server_name test.primarydomain.com www.test.primarydomain.com;
        return 301 https://$server_name$request_uri;
}
server {
        # SSL configuration
        listen 443 ssl;

        server_name test.primarydomain.com www.test.primarydomain.com;

        root /usr/share/nginx/html/test.primarydomain.com;

        include /etc/nginx/sites-available/include;

        include snippets/ssl-primarydomain.com.conf;
        include snippets/ssl-params.conf;
}

#Secondary
server {
        listen 80;
        server_name secondarydomain.com www.secondarydomain.com;
        return 301 https://$server_name$request_uri;
}
server {
        # SSL configuration
        listen 443 ssl;

        server_name .secondarydomain.com www.secondarydomain.com;

        root /usr/share/nginx/html/secondarydomain.com;

        include /etc/nginx/sites-available/include;

        include snippets/ssl-primarydomain.com.conf;
        include snippets/ssl-params.conf;
}

Unfortunately this did not work out at all as I thought it would. Is it something with let’s encrypt I need to configure that I’ve missed perhaps?

1 Answer

Hello,

What I would suggest is creating separate files for your server blocks and then using CertBot.

Here’s a step by step guide on how to install CertBot and secure your Nginx server with it:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-debian-9

I’ve been using it for a while now and I can say that it is just a spot on and it works every time.

Regards,
Bobby

by Hazel Virdó
by Kathleen Juell
Let's Encrypt is a Certificate Authority (CA) that provides an easy way to obtain and install free TLS/SSL certificates, enabling encrypted HTTPS on web servers. In this tutorial, you will use Certbot to obtain a free SSL certificate for Nginx on Debian 9 and set up your certificate to renew automatically.
Have another answer? Share your knowledge.