Hey @rtaibah

I had a look for myself, and I think you are getting that issue because you are attempting to install Lets Encrypt via the nginx running on the Ubuntu VM, but the OnlyOffice One-Click is configured to just skip that and forward everything from port 80 and 443 (HTTP/HTTPS ports) directly to a docker container. All the config and logic is inside the Docker container.

This is not really a great method because you are going into the docker container and modifying it, but I think it should work:

1. SSH into the Droplet
2. List the ID’s of the running docker containers with docker container ls - look for the ID of the “onlyoffice/communityserver” container, you will also see it has the HTTP/HTTPS ports proxied to it.
3. Now initialize a bash session inside the container by running: docker exec -it ID_OF_COMMUNITY_IMAGE /bin/bash
4. Now you can go through the Let’s Encrypt instructions you referenced earlier, with a couple important notes:

A. The nginx config file for onlyoffice is located at /etc/nginx/sites-enabled/onlyoffice <– that’s where you add the `servername …; line_
B. Instead of running systemctl reload nginx you need to run service nginx restart

Thanks for the question and answer, I am doing the exact same thing!

However, when I tried to generate the certificate I get the following error:

Could not automatically find a matching server block for mydomain.co. Set the `server_name` directive to use the Nginx installer.

My /etc/nginx/sites-available/onlyoffice file looks like this:

upstream fastcgi_backend {
        server unix:/var/run/onlyoffice/onlyoffice.socket;
        keepalive 32;
}

server {
        listen 80;
        listen 443 ssl;
        server_name mydomain.co www.mydomain.co;

        ssl_certificate {{SSL_CERTIFICATE_PATH}};
        ssl_certificate_key {{SSL_KEY_PATH}};

        fastcgi_keep_conn on;
        fastcgi_index   Default.aspx;
        fastcgi_intercept_errors on;


        include fastcgi_params;

        fastcgi_param HTTP_X_REWRITER_URL $http_x_rewriter_url;
        fastcgi_param SERVER_NAME $host;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO "";

        fastcgi_read_timeout    600;
        fastcgi_send_timeout    600;


        location / {
                root    /var/www/onlyoffice/WebStudio/;
                expires           0;
                add_header        Cache-Control no-cache;
                rewrite ^(.*)$ /StartConfigure.htm  break;
        }

        location /api {
                fastcgi_pass fastcgi_backend;
                break;
        }

        location  ~* ^/(warmup[2-9]?)/ {
                rewrite /warmup([^/]*)/(.*) /$2 break;
                fastcgi_pass unix:/var/run/onlyoffice/onlyoffice$1.socket;
        }
}

The nginx -t command returns OK/success.

Any idea?

I struggled to do this, I found an easier solution was just to create a cloudflare account that basically sat between my droplet and the user and cloudflare provided it’s catch-all SSL certificate.

Really easy, hardly any setup.

Hope this offers a different perspective.

James.