Re: Serve same website under two URLs / domains with certbot

[forumacct]

Hello,

Thank you for the extended help. I see there will be a lot of reading to
understand all the features in nginx.

Francis Daly Wrote:
-------------------------------------------------------
> On Sat, Jun 05, 2021 at 04:28:06AM -0400, forumacct wrote:
> 
> Hi there,
...

> If you have two server_names that are used, and that will *always*
> serve
> the same content as each other (and you are happy that someone who
> uses
> one name will be able to see that the other name exists), then you can
> get one certificate that is valid for both names, and configure nginx
> to
> use that for all requests that are handled in this server{}. (The
> other
> reply indicates that certbot does support this two-name certificate.)
...

That was something I also had just discovered. And that route seems to have
worked for me.

I did this:
sudo certbot --nginx -d skywatcher.space -d www.skywatcher.space -d
drgert.dyndns.ws 

And it asked if I want to append the multiple domains into the same
certificate which I confirmed. It created one file
/etc/letsencrypt/live/skywatcher.space/fullchain.pem
which has 3 sections I assume representing the three domain names. (Why do
www.domain.com and domain.com count as two?)

Then a single file in sites-enabled worked for me.

vi /etc/nginx/sites-enabled/rpi3_https_2dom.conf 
# Default server configuration
server {
        listen 80 ;
        listen 8000; # Alternate http port
        root /media/usbstick/nginx/www;

        # Add index.php to the list if you are using PHP
        index index.php index.html index.htm;
        server_name drgert.dyndns.ws skywatcher.space www.skywatcher.space;
# managed by Certbot

        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
        }

        # pass PHP scripts to FastCGI server
        location ~ \.php$ {
                include snippets/fastcgi-php.conf;
                fastcgi_pass unix:/run/php/php7.3-fpm.sock;
        }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/skywatcher.space/fullchain.pem; #
managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/skywatcher.space/privkey.pem;
# managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

For your experience/background is there anything in the above that is not
yet OK?

Cheers,
Gert

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,291774,291781#msg-291781

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx