@fullyint Yes, indeed there was a conflict on the nginx conf, and solved by removing it!
The fix
On the production server.
$ cd /etc/nginx/sites-enabled
$ ls
letsencrypt-simplynativejapan.com.au.conf simplynativejapan.com.au.conf
no-default.conf
$ more letsencrypt-simplynativejapan.com.au.conf
server {
listen 80;
server_name simplynativejapan.com.au www.simplynativejapan.com.au;
include acme-challenge-location.conf;
}
$ sudo rm letsencrypt-simplynativejapan.com.au.conf
$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
$ sudo service nginx reload
Why it happened?
My guess is…
I remember that I had an error when I first provisioned the production server ( ansible-playbook server.yml -e env=production ).
I forgot to set CNAME for the www.simplynativejapan.com.au , and the Letsencrpypt task failed because the API could not reach to the site.
I could complete the provisioning after setting CNAME but maybe the letsencrypt-simplynativejapan.com.au.conf was left during the retry?
Thank you @fullyint for your prompt suggestion. You saved my day!