Setting up SSL at first was a laugh. The other day though I fell victim to a sale where they gave away 10 year .tech domain registrations for a measly $40. Considering that’s basically 90%, I enthusiastically picked up a personal domain for future use.

Then again I don’t have plans of setting up a personal portfolio site for now (though I used to have one a decade ago), so I wanted to just redirect it to instead. That’s where things got ugly.

At first I thought I’d just set up nginx to redirect the port 80 requests for that domain to’s 443 instead, but that didn’t work out. I don’t exactly know what or how I messed up, but it was either-or: either the domain worked or

Long story short, I made an SSL cert for the new domain and redirected its port 443 to Generating the SSL cert was quite interesting.

Certbot’s nginx plugin kept failing, so I just shut down nginx, created a temporary site in Apache, let Certbot generate the cert using that, then set the path to the cert in the nginx config and deleted the Apache site.

However, now Apache would keep listening on 443 (where it shouldn’t), blocking nginx from doing so. Turns out Certbot automatically added port 443 back into Apache’s ports.conf. Removing that fixed it.

In retrospect I should’ve used Certbot’s –certonly option, but that kept crapping itself helplessly when used with nginx so it didn’t occur to me. But all is fine now. For now.