Question
NGINX LetsEncrypt Cert location tag question
- Posted May 18, 2017
- NginxLet's EncryptUbuntu 16.04
server {
listen 80;
listen [::]:80;
server_name www.domain.com *.domain.com;
return 301 http://domain.com;
}
server {
listen 80;
listen [::]:80;
root /var/www/domain.com/html;
index index.html index.htm index.nginx-debian.html;
server_name domain.com;
location / {
try_files $uri $uri/ =404;
}
}
The tutorial says to add to the SSL Server Block
location ~ /.well-known {
allow all;
}
so i updated mine to be:
server {
listen 80;
listen [::]:80;
server_name www.domain.com *.domain.com;
return 301 http://domain.com;
}
server {
listen 80;
listen [::]:80;
root /var/www/domain.com/html;
index index.html index.htm index.nginx-debian.html;
server_name domain.com;
location ~ /.well-known {
allow all;
}
location / {
try_files $uri $uri/ =404;
}
}
I was just wondering if this is the proper way to do it or if there is a better way to do it?
Subscribe
Share
Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Sign in to AnswerThese answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
Accepted Answer
If you’re using the web root option, that’s the method you’ll need to use.
The other option would be to use the certonly option, though you’d need to stop NGINX, run the certificate command, and then start NGINX since the Let’s Encrypt (now CertBot) application needs to access ports 80 and 443.
