Let’s encrypt failed to test renew –dry-run, because Let’s encrypt try to access mydomain.com/.well_known/ which is doesn’t exist.

My setup :

Ubuntu 08.04 - Nginx - Let’s Encrypt

nginx configuration

server {

        root /var/www/mydomain.com/public;
        index index.html index.htm index.nginx-debian.html;

        server_name mydomain.com;

        location / {
                try_files $uri $uri/ =404;
        }

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mydomain.com/fullchain.pem; # managed $
    ssl_certificate_key /etc/letsencrypt/live/mydomain.com/privkey.pem; # manage$
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


}
server {
    if ($host = mydomain.com) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80;
listen [::]:80;

        server_name mydomain.com;
    return 404; # managed by Certbot


}

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi @dhidyawdiyan,

The .well-known folder should automatically be created. If certbot can’t create the folder than most probably, you are not using the proper permissions or ownership on your folders.

I’ll recommend setting up the folders to be with permissions 755 and files with permissions 644. TO do that, you can do the following

For Files

find /path/to/website -type f -exec chmod 644 {} \;

For Folders

find /path/to/website -type d -exec chmod 755 {} \;

If you need to change the ownership of your files, you’ll need to use

chown -R User:Group /path/to/website 

You’ll need to change the /path/to/website with your actual path to your website. As for the User:Group, you’ll need to change it to the ones you have configured in your Nginx conf(They are usually the same for both user and group).

Regards,
KDSys

Submit an Answer