SSL certificate errors but doesn't show error

It seems the domain can’t be registered but i do not know why. Leaving out the alternate domain (the www-one) it works just fine.

Any help is very much appreciated!

Hello @sebbler,

Give this a try:

  1. Delete the site from your server - I can see that the site errored during creation, it may be due to SSL but could be due to something else
  2. Re-add but DO NOT enable SSL during site creation - let’s rule out SSL being reason for site failure

If the site successfully installs, then try adding SSL again for both root and www. I can see both records are pointing to the correct IP, so that shouldn’t block SSL certification.

Let us know if this works or if there is still an issue.

Thank you! It did error out again but i got the solution:
I was having a redirect like so:

which was causing the lets encrypt verification process to check for and therefore the wrong domain.

As this problem will probably reoccur:
What’s the right way to setup a redirect of a whole domain without SSL failing?

Thanks for your support :muscle:

1 Like

Do you want to actually redirect the domain or keep the domain but point to The latter can be done with either CNAME on DNS or by adding an alias to

You are correct, the problem will reoccur when LetsEncrypt attempts to renew the cert in a couple of months. There’d need to be some other mods to not redirect /.well-known/acme-challenge/ requests.

Yeah redirect the domain so that after typing it changes the url to in the browser url bar.

How to address this problem? Is there anything i can do?

Thanks for your help as always!

You could modify the site’s NGINX config in Cleavr > site > nginx config.

Be sure to first copy the current settings and save somewhere before changing in case you need to revert back.


  1. Find include cleavr-conf/*.conf; line and remove it
  2. Move location ^~ /.well-known/acme-challenge/ directive below location / directive
  3. Update location / directive to only have include cleavr-conf/;

So, this updated section will look like:

  location / {
    include cleavr-conf/;

location ^~ /.well-known/acme-challenge/ {
    allow all;

That will keep the redirects in tact as well as will route the LetsEncrypt renewals so that they aren’t redirected.

Thank you for the help.

I get an error if I try to change the nginx config like you stated:

Here’s the config:

include /etc/nginx/cleavr-conf/*.conf;
map $http_upgrade $connection_upgrade {
  default upgrade;

server {

  root /home/cleavr/;
  charset utf-8;

  # Uncomment the following line only if you don't want to enable NGINX monitoring for this site
  # access_log off;
  # Uncomment the following line if you don't have a favicon and don't want to log 404 errors
  # location = /favicon.ico { access_log off; log_not_found off; }

  # Comment the following line if you do have a physical robots.txt file
  location = /robots.txt  { access_log off; log_not_found off; }

  error_log /var/log/nginx/error.log error;
  access_log /var/log/nginx/;
  access_log /var/log/nginx/access.log;

  index index.html index.htm;

  location ~* \.(gif|jpg|jpeg|png|css|js)$ {
    expires max;

  location / {
    include cleavr-conf/

  location ^~ /.well-known/acme-challenge/ {
    allow all;

  location ~ /\.ht {
    deny all;

  location ~ /\. {
      deny all;

Do you have any idea what’s wrong?

It looks like how I had mine set up. The only thing I can think of is if the redirects were removed? That could cause an error when saving NGINX.