Linux Survival Basics
Read-only, can be slowFind Nginx SSL Certificate Directives
You need enabled Nginx TLS certificate and server_name lines before reloads.
Command
grep -RInE 'ssl_certificate|ssl_certificate_key|server_name' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/null
Before you run this
System impact: Read-only. Can create load on large logs, directories, filesystems, or process tables.
When not to use it: Do not edit TLS paths before matching the live server block and certbot inventory.
Expected output
Matching config files, line numbers, server names, and certificate paths.
System impact
Read-only, can be slow. Nothing changes. The command reads current state and prints diagnostic evidence.
May require elevated permissions on protected paths or service-owned files.
Scope this to the smallest useful path or service on busy systems.
Recovery / rollback: no state is changed.
When to use it
Use when Nginx serves the wrong certificate or hostname.
When not to use it
Do not edit TLS paths before matching the live server block and certbot inventory.
Common misread
Do not edit TLS paths before matching the live server block and certbot inventory.
Example run
Commands shown
These are the commands shown for inspection. Treat them as an example, not proof that your system will behave identically.
grep -RInE 'ssl_certificate|ssl_certificate_key|server_name' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/nullgrep -RInE 'ssl_certificate|ssl_certificate_key|server_name' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/null
next steps
Related commands
Find Nginx root alias and access rules
One deny or alias can explain the whole 403.
grep -RInE 'root|alias|deny|allow' /etc/nginx/sites-enabled /etc/nginx/conf.d 2>/dev/null
Find Apache DocumentRoot and Directory Rules
Apache 403 often comes from the directory block, not the file.
grep -RInE 'DocumentRoot|<Directory|Require all|Options|AllowOverride' /etc/apache2/sites-enabled /etc/apache2/conf-enabled /etc/httpd/conf.d 2>/dev/null
List Nginx Listen Directives
The site was configured, but the port was not.
grep -RInE '^[[:space:]]*listen[[:space:]]' /etc/nginx/conf.d /etc/nginx/sites-enabled 2>/dev/null
Show Nginx Include Lines
The config was valid; it just was not included.
grep -RInE '^[[:space:]]*include[[:space:]]' /etc/nginx/nginx.conf /etc/nginx/conf.d /etc/nginx/sites-enabled 2>/dev/null
Map Nginx Roots and Aliases
The URL was right. The filesystem path was not.
grep -RInE '^[[:space:]]*(root|alias)[[:space:]]' /etc/nginx/conf.d /etc/nginx/sites-enabled 2>/dev/null
next diagnostic step
Where to go from this command
- Related problem hub Use this command as part of the repair path.
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.