Issue:
My ssl auto-renew didn’t work. So I attempted to manually renew the SSL. However, I kept getting this error. So I figured there was something wrong with the setup.I did a fresh instance and I’m still getting this error.
It produced this output:
Your domain name is not pointing to the correct IP address of your server, check your DNS has propagated and run ghost setup ssl again
My web server is (include version):
Ubuntu 18.04
My hosting provider, if applicable, is:
AWS
I can login to a root shell on my machine (yes or no, or I don’t know):
Yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
Has anyone experienced this issue? Any idea how to solve it?
Certbot aka letsencrypt use http - port 80 for renewals. The ghost ssl certificate acme.sh is an old version with customisations - but I expect it has the same restriction.
You have to be a bit careful to keep http access to the .well-known folder available.
The certbot force-to-ssl for nginx is a poor implementation as it uses an IF statement - nginx IF statements should be avoided wherever possible.