Closed timtorChen closed 3 years ago
Can you add server_name to the https block pls?
I added the server_name to the https block, but it reports the same error: Can not find conf file for domain mydomain.com
I assume you restarted nginx?
I run acme.sh with no nginx service running, in a Docker image I built myself.
FROM debian:stretch
WORKDIR /code
RUN apt-get update;\
    apt-get update && apt-get install nginx curl cron -y > /dev/null
ADD . .
RUN cp nginx.conf /etc/nginx/nginx.conf; \
    cp uwsgi_params /etc/nginx/uwsgi_params; \
    cp django_nginx.production.conf /etc/nginx/conf.d/django_nginx.conf
RUN curl https://get.acme.sh | sh ;\
    ln -s ~/.acme.sh/acme.sh /usr/bin/acme.sh;\
    acme.sh --upgrade
After the image is built, docker-compose will issue the cert and run the nginx service. However, the error that occurs in acme.sh blocks the process.
I am facing the same issue
me too
nginx version: nginx/1.10.3 (Ubuntu)
not working with the same error (Can not find conf file for domain...):
acme.sh --issue --nginx -d example.org -w /var/www/html/example.org/
suddenly working:
acme.sh --issue -d example.org -w /var/www/html/example.org/
--nginx
Same issue on old Ubuntu 12.04: nginx version: nginx/1.8.1
I implemented a workaround: created /tmp/1/, disabled the real nginx config and activated a fake site:
server {
    listen 443 ssl;
    server_name mysite;
    ssl_certificate /etc/nginx/ssl/cert.crt;
    ssl_certificate_key /etc/nginx/ssl/priv.key;
    ssl_session_timeout 5m;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    keepalive_timeout 65;
    location / {
        alias /tmp/1/;
        index 1.txt;
        include proxy_params;
    }
}
After that, I ran the following command: acme.sh --issue -d mysite -w /tmp/1/
And I got a certificate!
Changing an include in the nginx config to a relative path fixed the issue for me. See also #1743
Before
include http.d/*.conf
After
include /etc/nginx/http.d/*.conf
Please try again with the latest dev branch:
acme.sh --upgrade -b dev
I have solved this using the --nginx option, so it became like this:
acme.sh --issue --nginx /etc/nginx/sites-enabled/myconfig -d mydomain.com
Thx! fixed for me.
acme.sh --issue -d mydomain.com --nginx /usr/local/nginx/conf/vhost/mydomain.conf
Adding the complete conf file works fine for me.
I have the same issue, even with the complete conf file in the command.
Same issue here. I have been trying this for 3 days... Nothing works....
Struggling with this too. Last log:
[Thu 02 Feb 2023 09:02:26 AM MSK] Start _checkConf from:/etc/nginx/modules-enabled/70-mod-stream-geoip.conf
[Thu 02 Feb 2023 09:02:26 AM MSK] single
[Thu 02 Feb 2023 09:02:26 AM MSK] _isRealNginxConf somedomain.is /etc/nginx/modules-enabled/70-mod-stream-geoip.conf
[Thu 02 Feb 2023 09:02:26 AM MSK] check included /etc/nginx/mime.types
[Thu 02 Feb 2023 09:02:26 AM MSK] Start _checkConf from:/etc/nginx/mime.types
[Thu 02 Feb 2023 09:02:26 AM MSK] single
[Thu 02 Feb 2023 09:02:26 AM MSK] _isRealNginxConf somedomain.is /etc/nginx/mime.types
[Thu 02 Feb 2023 09:02:26 AM MSK] check included /etc/nginx/conf.d/*.conf
[Thu 02 Feb 2023 09:02:26 AM MSK] Start _checkConf from:/etc/nginx/conf.d/*.conf
[Thu 02 Feb 2023 09:02:26 AM MSK] wildcard
[Thu 02 Feb 2023 09:02:26 AM MSK] check included /etc/nginx/sites-enabled/default
[Thu 02 Feb 2023 09:02:26 AM MSK] Start _checkConf from:/etc/nginx/sites-enabled/default
[Thu 02 Feb 2023 09:02:26 AM MSK] single
[Thu 02 Feb 2023 09:02:26 AM MSK] _isRealNginxConf somedomain.is /etc/nginx/sites-enabled/default
[Thu 02 Feb 2023 09:02:26 AM MSK] _fln='89'
[Thu 02 Feb 2023 09:02:26 AM MSK] _start='79:server {'
[Thu 02 Feb 2023 09:02:26 AM MSK] _start_n='79'
[Thu 02 Feb 2023 09:02:26 AM MSK] _start_nn='80'
[Thu 02 Feb 2023 09:02:26 AM MSK] _end
[Thu 02 Feb 2023 09:02:26 AM MSK] _seg_n=' listen 443 ssl;
ssl_certificate /root/.acme.sh/somedomain.is/fullchain.cer; # use fullchain.cer for complete certificate
ssl_certificate_key /root/.acme.sh/somedomain.is/somedomain.is.key; # keep this private as much as possible
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 60m;
ssl_prefer_server_ciphers on;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
server_name somedomain.is;
root /var/www/somedomain.is;
index index.html index.php;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
# include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}'
[Thu 02 Feb 2023 09:02:26 AM MSK] ssl on, skip
[Thu 02 Feb 2023 09:02:26 AM MSK] Can not find conf file for domain somedomain.is
[Thu 02 Feb 2023 09:02:26 AM MSK] pid
[Thu 02 Feb 2023 09:02:26 AM MSK] No need to restore nginx, skip.
[Thu 02 Feb 2023 09:02:26 AM MSK] _clearupdns
[Thu 02 Feb 2023 09:02:26 AM MSK] dns_entries
[Thu 02 Feb 2023 09:02:26 AM MSK] skip dns.
[Thu 02 Feb 2023 09:02:26 AM MSK] _on_issue_err
[Thu 02 Feb 2023 09:02:26 AM MSK] Please check log file for more details: /root/.acme.sh/acme.sh.log
[Thu 02 Feb 2023 09:02:26 AM MSK] url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/2345678'
[Thu 02 Feb 2023 09:02:26 AM MSK] payload='{}'
[Thu 02 Feb 2023 09:02:26 AM MSK] POST
[Thu 02 Feb 2023 09:02:26 AM MSK] _post_url='https://acme-v02.api.letsencrypt.org/acme/chall-v3/23456789'
[Thu 02 Feb 2023 09:02:26 AM MSK] _CURL='curl --silent --dump-header /root/.acme.sh/http.header -L -g '
[Thu 02 Feb 2023 09:02:27 AM MSK] _ret='0'
[Thu 02 Feb 2023 09:02:27 AM MSK] code='200'
Any suggestions?
I was just facing this issue with nginx too. After reading the acme.sh code and log, here is what is required to work with nginx mode. You need an nginx server entry that meets the following: no ssl on or listen 443 ssl; no redirect to https://$host; no default return of 404.
REPLACE your_domain.ext with your real domain.
Example:
server {
    server_name your_domain.ext; # include as many as required for a single ssl file.
    listen 80;
}
# other servers can be present
server {
    server_name your_domain.ext;
    listen 443 ssl; # This is OK if you already have an SSL certificate set
    ssl_certificate /path_to_full_chain.cer; # will be your target after you get the ssl cert.
    ssl_certificate_key /path_to_cer_key;
}
Once you have successfully obtained the SSL cert, you can edit your server to redirect to SSL by default:
REMEMBER TO EDIT IT BACK WHEN RENEWAL IS REQUIRED IN NGINX MODE
server {
    server_name your_domain.ext; # include as many as required for a single ssl file.
    listen 80;
    # conditional check for SSL domains, redirect to https protocol.
    if ($host = your_domain.ext) {
        return 301 https://$host$request_uri;
    }
    ...
}
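The conditions listed in the comment above (a server block that names the domain, has no `ssl on` or `listen ... ssl`, and does not redirect to https) can be checked before running `acme.sh --issue --nginx`. This is an added example, not part of the thread and not acme.sh's own code; the function names and verdict strings are hypothetical, and it assumes one conf file at a time without following `include` directives.

```shell
#!/bin/sh
# Added example (not acme.sh code): pre-flight check for `acme.sh --issue --nginx`.
# Prints "<first-line> <verdict>" for every server block in CONF that names DOMAIN.
classify_server_blocks() {  # usage: classify_server_blocks CONF DOMAIN
  awk -v dom="$2" '
    function flush(   v) {
      if (!named) return
      v = "usable"
      if (ssl) v = "skip:ssl"
      else if (redir) v = "skip:https-redirect"
      print start, v
    }
    {
      line = $0
      sub(/#.*/, "", line)                          # strip comments
      if (!inserver && line ~ /(^|[ \t;}])server[ \t]*[{]/) {
        inserver = 1; start = NR; sdepth = depth + 0
        named = 0; ssl = 0; redir = 0
      }
      if (inserver) {
        if (match(line, /server_name[ \t]+[^;]*;/)) {
          n = split(substr(line, RSTART, RLENGTH), w, /[ \t;]+/)
          for (i = 2; i <= n; i++) if (w[i] == dom) named = 1
        }
        if (line ~ /listen[ \t][^;]*[ \t]ssl[ \t;]/) ssl = 1     # listen 443 ssl;
        if (line ~ /(^|[ \t;{])ssl[ \t]+on[ \t]*;/) ssl = 1      # ssl on;
        if (line ~ /return[ \t]+30[1278][ \t]+https:/) redir = 1
      }
      depth += gsub(/[{]/, "{", line) - gsub(/[}]/, "}", line)
      if (inserver && depth == sdepth) { flush(); inserver = 0 }
    }' "$1"
}

# Succeeds only if at least one block for DOMAIN passed every check.
has_usable_block() { classify_server_blocks "$1" "$2" | grep -q ' usable$'; }

# Constructed sample: the layout from the log above (one ssl-only block).
sample_ssl_only() {
  printf '%s\n' 'server {' '  listen 443 ssl;' '  server_name somedomain.is;' '}'
}
# Constructed sample: a plain port-80 block next to the ssl block.
sample_with_http() {
  printf '%s\n' 'server {' '  server_name somedomain.is;' '  listen 80;' '}'
  sample_ssl_only
}
```

Run it as `classify_server_blocks /etc/nginx/sites-enabled/default somedomain.is`; a file that yields only `skip:` verdicts matches the "ssl on, skip" situation shown in the log.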
Still getting the same error
Just remove any conf from the enabled sites folder... and create a new file with a server listening on 80 and your server_name; issue the cert and restore your config file. This is useful for issuing the cert without stopping your Nginx server.
server {
    server_name your_domain.ext;
    listen 80;
}
Works for me. Thx!
I changed to the webroot pattern and made it work! Just add the location code in domain.conf:
location ^~ /.well-known/acme-challenge/ {
    root /home/webroot;
}
then: acme.sh --issue -w /home/webroot -d domain.com
In the log file, it seems acme.sh found and resolved the included file /etc/nginx/conf.d/django_nginx.conf, but it still reports: Can not find conf file for domain mydomain.com
Steps to reproduce
Install and upgrade in default
Nginx configs
/etc/nginx/nginx.conf
/etc/nginx/conf.d/django_nginx.conf
Debug log