Serve same website under two URLs / domains with certbot
forumacct
nginx-forum at forum.nginx.org
Sat Jun 5 22:32:42 UTC 2021
Hello,
Thank you for the extended help. I see there will be a lot of reading to
understand all the features in nginx.
Francis Daly Wrote:
-------------------------------------------------------
> On Sat, Jun 05, 2021 at 04:28:06AM -0400, forumacct wrote:
>
> Hi there,
...
> If you have two server_names that are used, and that will *always*
> serve
> the same content as each other (and you are happy that someone who
> uses
> one name will be able to see that the other name exists), then you can
> get one certificate that is valid for both names, and configure nginx
> to
> use that for all requests that are handled in this server{}. (The
> other
> reply indicates that certbot does support this two-name certificate.)
...
That was something I also had just discovered. And that route seems to have
worked for me.
I did this:
sudo certbot --nginx -d skywatcher.space -d www.skywatcher.space -d
drgert.dyndns.ws
And it asked if I want to append the multiple domains into the same
certificate which I confirmed. It created one file
/etc/letsencrypt/live/skywatcher.space/fullchain.pem
which has 3 sections I assume representing the three domain names. (Why do
www.domain.com and domain.com count as two?)
Then a single file in sites-enabled worked for me.
vi /etc/nginx/sites-enabled/rpi3_https_2dom.conf
# Default server configuration
server {
listen 80 ;
listen 8000; # Alternate http port
root /media/usbstick/nginx/www;
# Add index.php to the list if you are using PHP
index index.php index.html index.htm;
server_name drgert.dyndns.ws skywatcher.space www.skywatcher.space;
# managed by Certbot
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.3-fpm.sock;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/skywatcher.space/fullchain.pem; #
managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/skywatcher.space/privkey.pem;
# managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
For your experience/background is there anything in the above that is not
yet OK?
Cheers,
Gert
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,291774,291781#msg-291781
More information about the nginx
mailing list