November 19, 2023

Add a new website to a server running nginx, LetsEncrypt HTTPS and Certbot

Last updated on January 2024.

This is follow up note from to add a second website on the same web server.

Update DNS

In the DNS, point the domain name (or a subdomain) to the IP address of VPS.

A @ IP_address

Configure web server


Follow FedFree’s instructions:

Generate a LetsEncrypt certificate


Generate a LetsEncrypt certificate for the new website:

# certbot certonly --webroot -w /var/www/ --must-staple --rsa-key-size 4096 --agree-tos -w /var/www/letsencrypt -d --register-unsafely-without-email
# certbot certonly --webroot -w /var/www/ --must-staple --rsa-key-size 4096 --agree-tos -w /var/www/letsencrypt -d --register-unsafely-without-email
# ls /etc/letsencrypt/live/ # show that and www.example directories are created

About --webroot:

Place index.html in root

# touch /var/www/

Add CAA to DNS CAA 128 issue ""

CAA creates a DNS mechanism that enables domain name owners to whitelist CAs that are allowed to issue certificates for their hostnames.

Long story:


Run curl tests and the SSL test (you should get A+), see:


# nginx -t

And reload nginx:

# systemctl reload nginx

Back up the LetsEncrypt certificate

Back up the LetsEncrypt directory:


I do self-funded research and I'm writing a book.

> What's the book about?

About technologies and agency.

Meaning, technologies can foster agency. No doubt. But I am also asking:

Can usage of technologies give us a sense of empowerment while in fact undermining our abilities?

I posted a summary of the prologue on the homepage:


personal computing command-line interface (cli) gnu linux trisquel shell literacy wiki nginx hosting letsencrypt certbot

No affiliate links, no analytics, no tracking, no cookies. This work © 2016-2024 by is licensed under CC BY-ND 4.0 .   about me   contact me   all entries & tags   FAQ   GPG public key

GPG fingerprint: 2E0F FB60 7FEF 11D0 FB45 4DDC E979 E52A 7036 7A88