Where is document root to add for certbot

inna

Hello,

I use certbot certonly --webroot -w /data/site -d domain.com to generate SSL Certificate, but I get error 404:

IMPORTANT NOTES:
 - The following errors were reported by the server:

   Domain: domain.com
   Type:   unauthorized
   Detail: Invalid response from
   http://domain.com/.well-known/acme-challenge/Pm0OGln2RSQcDYSg8YOyOnAwUlff8D3wt-H62vtOVQQ
   [IP]: 404

But in my nginx web-server, root /data/site is there and my website works fine.

What should I do for this?

gotwf

@inna Does /root/data/site/.well-known/acme-challenge directory exist? And if so, does nginx have permissions to write there? If not then the response to the challenge cannot be met.

You could also do something like this w/your nginx config:

server {
       listen 80;
       server_name forums.example.com;

       # set up let's encrypt 
       location ^~ /.well-known/acme-challenge {
                alias /var/www/certbot;
       }
                
       return 302 https://$server_name$request_uri;

}

I do not use certbot so am unfamiliar with the specifics. But basically the location line creates an alias to some dir outside of your nodebb home, so as to keep that certbot separate.

See nginx alias directive documentation for more complete explanation.

On related note, I favor Dehydrated Boulders.

Have fun!

inna

@gotwf said in Where is document root to add for certbot:

@inna Does /root/data/site/.well-known/acme-challenge directory exist? And if so, does nginx have permissions to write there? If not then the response to the challenge cannot be met.

You could also do something like this w/your nginx config:

server {
       listen 80;
       server_name forums.example.com;

       # set up let's encrypt 
       location ^~ /.well-known/acme-challenge {
                alias /var/www/certbot;
       }
                
       return 302 https://$server_name$request_uri;

}

I do not use certbot so am unfamiliar with the specifics. But basically the location line creates an alias to some dir outside of your nodebb home, so as to keep that certbot separate.

See nginx alias directive documentation for more complete explanation.

On related note, I favor Dehydrated Boulders.

Have fun!

In this scenario that we suppose /data/site is the root of my website, I tried adding a /data/site/saeed.html but I got error 404. So this is not the index path.
I want to know where should I add saeed.html so that I can access it via http://domain.com/saeed.html.

PitaJ

Have you tried setting up nginx normally to serve your site and using certbot --nginx?

inna

@pitaj That worked:) thanks