Nginx Insight Guide How to change a site's domain name with HTTPS and Letsencrypt SSL Certificate?

To change a Centmin Mod Nginx created site's domain, you'd need to do the following steps - assuming your site is HTTPS based with Letsencypt SSL (which is the norm these days).

Notes:

• Below example uses old domain = olddomain.com and new domain = newdomain.com so replace all occurrences with your specific names for old and new desired domain name.
• To be 100% safe, always backup directories and files before you move, rename or delete them. You'd need to backup the following files & directories
  • /usr/local/nginx/conf/conf.d/olddomain.com.ssl.conf
  • /usr/local/nginx/conf/ssl/olddomain.com
  • /home/nginx/domains/olddomain.com

Step 1. Copy your Letsencrypt issued SSL certificate files from old domain name directory to create a copy in new domain name's directory. This directory is set in your domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/olddomain.com.ssl.conf as path to look for Letsencrypt SSL certificates for HTTPS sites.

Code (Text):

cp -a /usr/local/nginx/conf/ssl/olddomain.com /usr/local/nginx/conf/ssl/newdomain.com

Step 2. Copy your domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/olddomain.com.ssl.conf and create your new domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf

Code (Text):

cp -a /usr/local/nginx/conf/conf.d/olddomain.com.ssl.conf /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf

Step 3. Modify your newly created Nginx vhost config file at /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf replacing all references of olddomain.com with newdomain.com - paying attention to server_name domain names listed which tell Nginx which domain to detect and serve. You also need to modify all references to olddomain.com in /usr/local/nginx/conf/ssl/newdomain.com/newdomain.com.crt.key.conf include file. You can use a text editor with copy & replace all feature or just use command line sed to replace all occurences.

Code (Text):

sed -i 's|olddomain.com|newdomain.com|g' /usr/local/nginx/conf/conf.d/newdomain.com.ssl.conf
sed -i 's|olddomain.com|newdomain.com|g' /usr/local/nginx/conf/ssl/newdomain.com/newdomain.com.crt.key.conf

Step 4. Adjusting your domain's site directory and public web root where files are uploaded and served from. Old domain would have public web root as /home/nginx/domains/olddomain.com/public where site directory is at /home/nginx/domains/olddomain.com.

If you have enough disk space you can make a copy so that both /home/nginx/domains/olddomain.com and /home/nginx/domains/newdomain.com exist at same time. This way you can still test and access your domain from either olddomain.com or newdomain.com when you have finished these steps.

Code (Text):

cp -a /home/nginx/domains/olddomain.com /home/nginx/domains/newdomain.com

At this stage you should be able to restart Nginx + PHP-FPM to have access to both /home/nginx/domains/olddomain.com and /home/nginx/domains/newdomain.com - provided you have working DNS A records for both olddomain.com and newdomain.com pointing to the server IPv4 IP address. Access to newdomain.com will though have invalid SSL certificate warning as SSL certificates contained in copied domain at /usr/local/nginx/conf/ssl/newdomain.com are for olddomain.com for now.

Code (Text):

nprestart

If you don't have enough disk space, then DO NOT restart Nginx + PHP-FPM yet as it will break your olddomain.com access right now as /home/nginx/domains/olddomain.com would no longer exist after a rename via mv command below

Code (Text):

mv /home/nginx/domains/olddomain.com /home/nginx/domains/newdomain.com

Step 5. Now once all is working on newdomain.com, remove the original copied files and directories via rm command if you no longer need access to olddomain.com. If you have enough disk space, it wouldn't hurt keeping them there for a few weeks to make sure your newdomain.com is working as you can reference the old files again if you have issues etc.

Code (Text):

cd /usr/local/nginx/conf/ssl/olddomain.com
rm -f /usr/local/nginx/conf/conf.d/olddomain.com.ssl.conf
rm -rf /usr/local/nginx/conf/ssl/olddomain.com
rm -rf /home/nginx/domains/olddomain.com

and then restart both Nginx + PHP-FPM

Code (Text):

nprestart

Step 6. Reissuing Letsencrypt SSL certificate for newdomain.com so it properly populates /root/.acme/newdomain.com directory with settings that Letsencrypt cronjob uses for auto renewal.

---

Try acmetool.sh add reissue-only option for existing nginx HTTPS SSL vhosts with newdomain.com.ssl.conf vhost config files that exist. This only does reissue of letsencrypt SSL cert without touching the nginx vhost. Ideal for use when you tried creating a Nginx HTTPS SSL default vhost site but letsencrypt SSL issuance failed the first time. When it fails, Centmin Mod usually falls back to self-signed SSL as a place holder for the domain.com.ssl.conf vhost config. In this case purpose is to issue Letsencrypt SSL certificates for newdomain.com to overwrite ones in /usr/local/nginx/conf/ssl/newdomain.com which were copied from olddomain.com.

When you run:

Code (Text):

cd /usr/local/src/centminmod/addons
./acmetool.sh reissue-only newdomain.com live

It will only try reissuing the letsencrypt SSL certificate for the domain = newdomain.com for live production SSL certificate without touching any of the existing nginx vhost at newdomain.com.ssl.conf

Now you should have moved your domain from olddomain.com to newdomain.com