Hi Moshe
This works absolutely perfect. Thank you so much for letting me (us) know how to use the config arrangement.
Let me summarize the steps also for other users that might stumble over this thread (and please feel free to correct/improve if required).
After performing the certbot command that you provided above the certificates were produced.
Then I added the Website folder for new.page.com under /var/www/new.page.com and added a simple "hello world" index.html website to it.
Then I made the folder and its contents owned by nginx:nginx
> sudo chown -R nginx:nginx /var/www/new.page.com
Then I added the simple nginx config file that listens on 443 and refers to the website folder:
server {
listen 443 http2 ssl;
listen [::]:443 http2 ssl;
server_name new.page.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/new.page.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/new.page.com/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
root /var/www/new.page.com;
}
}
opening new.page.com in the webbrowser will open the "Hello World" page with https.
Now the certificate can be renewed with the command
> sudo certbot renew
This can be checked by performing
> sudo certbot renew --dry-run
This is important because the command "certbot renew" can easily be added to a crontab for automatic renewal of the certificates.
I hope the above helps other people as well.
Thank you again Moshe.
Until another given time ;-)
Chris