Hey @mykleman I have a feeling you hit a snag with our documentation.
You were absolutely in the right place with
The point of those docs is to switch the URL in Ghost to the www. or other additional domain without restarting Ghost, use ghost setup ssl nginx to trigger generation of a certificate and the nginx files, and then edit them to just redirect. Which I think you did.
However I think this line of the docs is where the issue is:
# Edit the nginx config files for your second domain to redirect to your canonical domain. In both files replace the content of the first location block with:
return 301 https://my-canonical-domain.com$request_uri;
You’ve ended up with the below as your modified www.tidyglass.co.uk-ssl.conf
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name www.tidyglass.co.uk;
return 301 https://tidyglass.co.uk$request_uri;
}
Which is missing 3 critical lines for SSL:
ssl_certificate /etc/letsencrypt/www.tidyglass.co.uk/fullchain.cer;
ssl_certificate_key /etc/letsencrypt/tidyglass.co.uk/www.tidyglass.co.uk.key;
include /etc/nginx/snippets/ssl-params.conf;
Without these 3 lines, you’re not serving the certificate for the redirect, so it won’t work.
You should be able to fix it by doing either:
- Edit the file www.tidyglass.co.uk-ssl.conf to put these 3 lines back
- delete the 2 files
www.tidyglass.co.uk.conf&www.tidyglass.co.uk-ssl.confand then follow the docs again, but leaving the certificate lines in place this time
@DavidDarnes can you look at maybe expanding these docs to make the steps clearer?