In my case when I delete my previous certificate, Then my nginx stop working and then I run rẩy this command
sudo systemctl start nginx.service
output
Job for nginx.service failed because the control process exited with error code.
See "systemctl status nginx.service" and "journalctl -xeu nginx.service" for details.
Then for debugging I run rẩy this
sudo systemctl status nginx.service
output
nginx.service - A high performance trang web server and a reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: failed (Result: exit-code) since Thu 2024-09-05 11:23:29 UTC; 16s ago
Duration: 14min 38.609s
Docs: man:nginx(8)
Process: 20011 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)
CPU: 6ms
Sep 05 11:23:29 ip-172-31-25-151 systemd[1]: Starting nginx.service - A high performance trang web server and a reverse proxy server...
Sep 05 11:23:29 ip-172-31-25-151 nginx[20011]: 2024/09/05 11:23:29 [emerg] 20011#20011: cannot load certificate "/etc/letsencrypt/live/my-app.com/fullchain.pem": BIO_new_file() failed (SSL: er>
Sep 05 11:23:29 ip-172-31-25-151 nginx[20011]: nginx: configuration tệp tin /etc/nginx/nginx.conf test failed
Sep 05 11:23:29 ip-172-31-25-151 systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Sep 05 11:23:29 ip-172-31-25-151 systemd[1]: nginx.service: Failed with result 'exit-code'.
Sep 05 11:23:29 ip-172-31-25-151 systemd[1]: Failed to tát start nginx.service - A high performance trang web server and a reverse proxy server.
Then run rẩy this command
sudo nano /etc/nginx/sites-available/default
And comment all lines which is managed by Certbot Comment all those lines which have # managed by Certbot at the over like
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/my-app.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/my-app.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
and also remove these line at the over of file
server {
if ($host = my-app.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = my-app.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name my-app.com;
return 404; # managed by Certbot
Then start my nginx server again and it worked fine for bầm, the issue was resolved
sudo systemctl start nginx.service
sudo systemctl status nginx.service
output
nginx.service - A high performance trang web server and a reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; enabled; preset: enabled)
Active: active (running) since Thu 2024-09-05 11:38:51 UTC; 13s ago
Docs: man:nginx(8)
Process: 20104 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Process: 20105 ExecStart=/usr/sbin/nginx -g daemon on; master_process on; (code=exited, status=0/SUCCESS)
Main PID: 20107 (nginx)
Tasks: 3 (limit: 4676)
Memory: 2.4M (peak: 2.8M)
CPU: 15ms
CGroup: /system.slice/nginx.service
├─20107 "nginx: master process /usr/sbin/nginx -g daemon on; master_process on;"
├─20108 "nginx: worker process"
└─20109 "nginx: worker process"
Sep 05 11:38:51 ip-172-31-25-151 systemd[1]: Starting nginx.service - A high performance trang web server and a reverse proxy server...
Sep 05 11:38:51 ip-172-31-25-151 systemd[1]: Started nginx.service - A high performance trang web server and a reverse proxy server.
Then again create a new certificate