Nginx Certbot
Finally, after a week of headbanging, I managed to figure out certbot’s installation process with nginx and how to deploy python apps with uwsgi.
1. Make sure that existing nginx is not listening on port 443
There was a tiny trick with certbot’s nginx plugin - if you have a virtualhost, say, in
/etc/nginx/sites-available/test.com
, you must not listen on port 443. In other words, make sure that:
server {
# MAKE SURE THESE TWO LINES ARE COMMENTED
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
...
}
Otherwise, you might get a ‘connection reset by peer’ error. This is because there is already a listen on 443 on the default server block.
2. Make sure that server_name is defined
Nginx needs a virtualhost to be configured, so if you don’t include a configuration file with the server_name directive set, it will not work:
server {
# This does not work - this is the default configuration
server_name _;
# Works
server_name test.com www.test.com;
...
}