Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- server {
- listen 80 http2;
- listen [::]:80 http2;
- server_name pfa.example.com;
- return 301 https://pfa.example.com$request_uri;
- }
- server {
- listen 443 ssl http2;
- listen [::]:443 ssl http2;
- server_name pfa.example.com;
- ssl on;
- ssl_certificate /etc/letsencrypt/live/pfa.example.com/fullchain.pem;
- ssl_certificate_key /etc/letsencrypt/live/pfa.example.com/privkey.pem;
- ssl_session_timeout 1d;
- ssl_session_cache shared:SSL:50m;
- ssl_session_tickets off;
- ssl_dhparam /etc/letsencrypt/live/pfa.example.com/dh.pem;
- ssl_protocols TLSv1.2;
- ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
- ssl_prefer_server_ciphers on;
- add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
- ssl_stapling on;
- ssl_stapling_verify on;
- ssl_trusted_certificate /etc/letsencrypt/live/pfa.example.com/chain.pem;
- resolver 8.8.8.8;
- root /var/www/pfa/;
- index index.php index.html index.htm;
- add_header X-Frame-Options "SAMEORIGIN";
- add_header x-xss-protection "1; mode=block" always;
- add_header X-Content-Type-Options "nosniff" always;
- location ~ .php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/run/php/php7.2-fpm.sock;
- }
- }
- server {
- listen 80;
- listen [::]:80;
- server_name rainloop.example.com;
- root /var/www/rainloop;
- index index.php index.html index.htm;
- location / {
- try_files $uri $uri/ =404;
- }
- location ~ .php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
- }
- }
- server {
- server_name _;
- listen 80 default_server;
- root /var/www/html;
- index index.html index.htm index.nginx-debian.html;
- location / {
- try_files $uri $uri/ =404;
- }
- location ~ .php$ {
- include snippets/fastcgi-php.conf;
- fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
- }
- location ~ /.ht {
- deny all;
- }
- }
- > certbot --nginx -d rainloop.example.com
- Saving debug log to /var/log/letsencrypt/letsencrypt.log
- Plugins selected: Authenticator nginx, Installer nginx
- Obtaining a new certificate
- Performing the following challenges:
- http-01 challenge for rainloop.example.com
- Waiting for verification...
- Cleaning up challenges
- Failed authorization procedure. rainloop.example.com (http-01): urn:ietf:params:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://rainloop.example.com/.well-known/acme-challenge/9ivMyI4q3M98EDzr6Fco71Ih8_mZl1epApasB6nNa14: Error getting validation data
- IMPORTANT NOTES:
- - The following errors were reported by the server:
- Domain: rainloop.example.com
- Type: connection
- Detail: Fetching
- http://rainloop.example.com/.well-known/acme-challenge/9ivMyI4q3M98EDzr6Fco71Ih8_mZl1epApasB6nNa14:
- Error getting validation data
- To fix these errors, please make sure that your domain name was
- entered correctly and the DNS A/AAAA record(s) for that domain
- contain(s) the right IP address. Additionally, please check that
- your computer has a publicly routable IP address and that no
- firewalls are preventing the server from communicating with the
- client. If you're using the webroot plugin, you should also verify
- that you are serving files from the webroot path you provided.
- 775 www-data:www-data
Add Comment
Please, Sign In to add comment