Stuck on setting up SSL with a secondary domain

Hi there! I just migrated from Ghost(Pro) to a self-hosted install on a VPS at OVH.
The main URL: https://blog.orgtech.fr

I used to have https://blog.orgtech-fr.com as the custom domain of my Ghost(Pro) blog.
I’m trying to set it up as an alternate domain.

The IP address of the VPS is 51.210.47.227, so I added an A record pointing to this address for the blog subdomain of the orgtech-fr.com domain, managed at Namecheap. It worked well, the blog is accessible at http://blog.orgtech-fr.com.

Next I applied the instructions from Ghost’s KB:

# Determine your secondary URL
ghost config url https://my-second-domain.com

# Get Ghost-CLI to generate an SSL setup for you:
ghost setup nginx ssl

# Change your config back to your canonical domain
ghost config url https://my-canonical-domain.com

# Edit the nginx config files for your second domain to redirect to your canonical domain. In both files replace the content of the first location block with:
return 301 https://my-canonical-domain.com$request_uri;

# Get nginx to verify your config
sudo nginx -t

# Reload nginx with your new config
sudo nginx -s reload

Everything seemed ok, but https is still not working.

I’m wondering if my edit of the Nginx config files is right. I just replaced everything that was between the curly brackets with the line mentioned in the doc:

server {
    return 301 https://blog.orgtech.fr$request_uri;

}

Is that correct?

Also, since it wasn’t doing the trick, I read a recent topic here on SSL and DNS, and I just tried to add blog.orgtech-fr.com as a secondary DNS to my VPS. I completed the operation but it doesn’t make any change. I must say that I’m a noob at these things, so I’m trying stuff without necessarily understanding what I’m doing :smiley:

Thank you for your helo :pray: :slightly_smiling_face:

Help anyone? :pray:

I used certbot to configure SSL because initially it only set up the base domain name’s SSL. I needed the ‘www’ to be SSL enabled too.
https://letsencrypt.org/getting-started/ (SSL certificate used by Ghost is from LetsEncrypt.)
Follow the info on the page and install certbot and run it. It should detect additional domain/server names from your nginx config file automatically and prompt you to select which to get ssl certificate for. Hope this helps.

1 Like

Thank you so much for your answer!

I installed certbot and then ran ‘sudo certbot --nginx’ as per the instructions on certbot website.
At some point, I’m being asked to answer this:

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: blog.orgtech.fr
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel):

At this point, I hit ‘c’ to cancel. The subdomain I’m trying to add SSL to is “blog.orgtech-fr.com”, not “blog.orgtech.fr” which is already working.

Do you have any idea of how I could have “blog.orgtech-fr.com” added to this list? Maybe some DNS record that I haven’t properly set?

Thank you!

hmm… that’s odd if the site is setup up and running for blog.orgtech-fr.com Certbot is supposed to find it automatically. Are they suppose to be the same site? If that’s the case, to make it simple, remove blog.orgtech-fr.com’s nginx setup, then find blog.orgtech.fr’s nginx conf file, add blog.orgtech-fr.com to the line “sever_name” so it looks like “server_name blog.orgtech.fr blog.orgtech-fr.com” without the double quotes. Restart nginx. Both domain names should now point to the same site. Then run certbot and it should pick up both domain names and present them for you to choose for ssl install.

1 Like

It worked!! Thank you so much :pray: :upside_down_face:
:sun_with_face:

1 Like

Glad it helped! :raised_hands: :+1: :smiley:

1 Like