Join the community today
Register Now

Nginx Insight Guide How to change a site's domain name with HTTPS and Letsencrypt SSL Certificate?

Discussion in 'Centmin Mod Insights' started by eva2000, Sep 25, 2019.

Thread Status:
Not open for further replies.
  1. eva2000

    eva2000 Administrator Staff Member

    May 24, 2014
    Brisbane, Australia
    Local Time:
    1:16 AM
    Nginx 1.25.x
    MariaDB 10.x
    To change a Centmin Mod Nginx created site's domain, you'd need to do the following steps - assuming your site is HTTPS based with Letsencypt SSL (which is the norm these days).

    • Below example uses old domain = and new domain = so replace all occurrences with your specific names for old and new desired domain name.
    • To be 100% safe, always backup directories and files before you move, rename or delete them. You'd need to backup the following files & directories
      • /usr/local/nginx/conf/conf.d/
      • /usr/local/nginx/conf/ssl/
      • /home/nginx/domains/
    Step 1. Copy your Letsencrypt issued SSL certificate files from old domain name directory to create a copy in new domain name's directory. This directory is set in your domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/ as path to look for Letsencrypt SSL certificates for HTTPS sites.
    Code (Text):
    cp -a /usr/local/nginx/conf/ssl/ /usr/local/nginx/conf/ssl/

    Step 2. Copy your domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/ and create your new domain's Nginx vhost config file at /usr/local/nginx/conf/conf.d/
    Code (Text):
    cp -a /usr/local/nginx/conf/conf.d/ /usr/local/nginx/conf/conf.d/

    Step 3. Modify your newly created Nginx vhost config file at /usr/local/nginx/conf/conf.d/ replacing all references of with - paying attention to server_name domain names listed which tell Nginx which domain to detect and serve. You also need to modify all references to in /usr/local/nginx/conf/ssl/ include file. You can use a text editor with copy & replace all feature or just use command line sed to replace all occurences.
    Code (Text):
    sed -i 's|||g' /usr/local/nginx/conf/conf.d/
    sed -i 's|||g' /usr/local/nginx/conf/ssl/

    Step 4. Adjusting your domain's site directory and public web root where files are uploaded and served from. Old domain would have public web root as /home/nginx/domains/ where site directory is at /home/nginx/domains/

    If you have enough disk space you can make a copy so that both /home/nginx/domains/ and /home/nginx/domains/ exist at same time. This way you can still test and access your domain from either or when you have finished these steps.
    Code (Text):
    cp -a /home/nginx/domains/ /home/nginx/domains/

    At this stage you should be able to restart Nginx + PHP-FPM to have access to both /home/nginx/domains/ and /home/nginx/domains/ - provided you have working DNS A records for both and pointing to the server IPv4 IP address. Access to will though have invalid SSL certificate warning as SSL certificates contained in copied domain at /usr/local/nginx/conf/ssl/ are for for now.
    Code (Text):

    If you don't have enough disk space, then DO NOT restart Nginx + PHP-FPM yet as it will break your access right now as /home/nginx/domains/ would no longer exist after a rename via mv command below
    Code (Text):
    mv /home/nginx/domains/ /home/nginx/domains/

    Step 5. Now once all is working on, remove the original copied files and directories via rm command if you no longer need access to If you have enough disk space, it wouldn't hurt keeping them there for a few weeks to make sure your is working as you can reference the old files again if you have issues etc.
    Code (Text):
    cd /usr/local/nginx/conf/ssl/
    rm -f /usr/local/nginx/conf/conf.d/
    rm -rf /usr/local/nginx/conf/ssl/
    rm -rf /home/nginx/domains/

    and then restart both Nginx + PHP-FPM
    Code (Text):

    Step 6. Reissuing Letsencrypt SSL certificate for so it properly populates /root/.acme/ directory with settings that Letsencrypt cronjob uses for auto renewal.

    Try add reissue-only option for existing nginx HTTPS SSL vhosts with vhost config files that exist. This only does reissue of letsencrypt SSL cert without touching the nginx vhost. Ideal for use when you tried creating a Nginx HTTPS SSL default vhost site but letsencrypt SSL issuance failed the first time. When it fails, Centmin Mod usually falls back to self-signed SSL as a place holder for the vhost config. In this case purpose is to issue Letsencrypt SSL certificates for to overwrite ones in /usr/local/nginx/conf/ssl/ which were copied from

    When you run:
    Code (Text):
    cd /usr/local/src/centminmod/addons
    ./ reissue-only live

    It will only try reissuing the letsencrypt SSL certificate for the domain = for live production SSL certificate without touching any of the existing nginx vhost at

    Now you should have moved your domain from to

Thread Status:
Not open for further replies.