The bench command doesn’t work anymore because the certbot auto had been deprecated.
The alternative is to use direct certbot command as you do.
The trick is on setting up the site_config.json (for single domain) or common_site_config.json (for wildcard).
- after the ssl creation with certbot,
- check in the nginx.conf and see if the certs has been applied correctly (it should because the certbot does it automatically).
- don’t run
bench setup nginxyet (this will remove the cert path from nginx.conf) - enter the cert paths into site_config.json (for single domain) or common_site_config.json (for wildcard)
- then run
bench setup nginx
For cert path insertion you can see follow these formats (choose which suit your need):
In common_site_config.json for wildcard certs:
"wildcard": {
"domain": "*.example.com",
"ssl_certificate": "/etc/letsencrypt/live/example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/example.com/privkey.pem"
}
In site_config.json for site with custom domain (when there are multi domains or subdomains with each own ssl):
"domains": [
{
"domain": "site1.example.com",
"ssl_certificate": "/etc/letsencrypt/live/site1.example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/site1.example.com/privkey.pem"
},
{
"domain": "site2.example.com",
"ssl_certificate": "/etc/letsencrypt/live/site2.example.com/fullchain.pem",
"ssl_certificate_key": "/etc/letsencrypt/live/site2.example.com/privkey.pem"
}
]