It should certainly be possible to get this working. I haven’t tried nginx in quite a while but it’s just a web server at the end of the day, so there’s nothing special about nginx specifically.
As you are consuming port 80 with nginx you will no longer be able to use the built-in http challenge server (it tries to listen on port 80 as well, but nginx will be holding that exclusively). You can disable the http challenge server under settings so that the app doesn’t even try to use it.
As noted the app should create a file called ‘configcheck’ under the /.well-known/acme-challenge/ path of your website, as determined by the site root directory you have specified, so the first thing to figure out is why it doesn’t create that file. I’m assuming you are using the very latest version of Certify.
Delete your manually created .well-known folder and instead click ‘Test’; this will create the .well-known/acme-challenge/configcheck path and configcheck file.
Note that ‘Perform challenge response config checks’ is enabled.
If the folder doesn’t get created when you click test then either:
- the Certify background service doesn’t have permission to write to that folder
- or, much more likely, your Site Root Directory is incorrect.
If you can’t resolve this step (testing the config check file creation) then you definitely won’t get any further, so this is the part you need to fix first.
Once you have the app creating the ‘configcheck’ file (which is a text file with no .txt extension) you have to try browsing to http://yourdomain/.well-known/acme-challenge/configcheck - if that returns ‘Extensionless File Config Test - OK’ then you are good to go and http validation will work.
If not, then you need to figure out what’s going wrong - the most likely thing is that you have the wrong site root or your server is configured to serve a 404 etc. page instead of allowing the request through.
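The two checks described in this reply (the configcheck file exists under the site root, and the URL returns it unchanged), as an added Python example that is not part of the original post or of the Certify app. The `diagnose` function, its status names and the script name in the usage string are hypothetical.

```python
import sys
import urllib.error
import urllib.request
from pathlib import Path

CHALLENGE_PATH = ".well-known/acme-challenge/configcheck"


def diagnose(site_root, base_url, timeout=5.0):
    """Run both checks from the post; return (status, detail)."""
    local_file = Path(site_root) / CHALLENGE_PATH
    # Check 1: did 'Test' create the file under the configured site root?
    if not local_file.is_file():
        return ("file-missing", f"{local_file} does not exist: check the Site "
                "Root Directory and the service's write permission")
    expected = local_file.read_text(encoding="utf-8", errors="replace").strip()

    # Check 2: does the web server return that extensionless file unchanged?
    url = base_url.rstrip("/") + "/" + CHALLENGE_PATH
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            body = resp.read(4096).decode("utf-8", "replace").strip()
    except urllib.error.HTTPError as exc:
        # e.g. 404: the server's root differs from site_root, or it does not
        # serve dot-directories / extensionless files
        return ("http-error", f"{url} returned HTTP {exc.code}")
    except (urllib.error.URLError, OSError) as exc:
        return ("unreachable", f"{url}: {exc}")

    if body != expected:
        # A custom error or landing page was served in place of the file
        return ("content-mismatch", f"{url} returned {body[:60]!r}")
    return ("ok", f"{url} returned {body!r}")


if __name__ == "__main__":
    if len(sys.argv) != 3:
        sys.exit("usage: configcheck_diag.py <site_root> <base_url>")
    status, detail = diagnose(sys.argv[1], sys.argv[2])
    print(f"{status}: {detail}")
    sys.exit(0 if status == "ok" else 1)
```

Run it on the server itself with the same Site Root Directory you entered in the app; `file-missing` points at the first problem in the post, `http-error` or `content-mismatch` at the second.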