Can someone please render me some assistance
I have an issue where when accessing the domain sg.simpple.app results in an error indicating that the cert date is invalid
However when running certbot certificates it shows that the certificate is already up to date and has ample time till expiry
I have also restarted the server through
systemctl restart nginx
systemctl restart php-fpm
My suspicion is that it is using the wrong certificate, can someone please guide me in solving this issue?
Issue was with the filepath in nano /etc/nginx/conf.d/default.conf.
As the previous letsencrypt certificate had different domains to the new letsencryp certificate generated it didnt replace the original certificate.
had to manually change the filepath in nano /etc/nginx/conf.d/default.conf.
Related
Scenario:
Current server # example.com is running an older version of amazon AWS Lightsail with wordpress (ubuntu) and we just had a new certificate issued using letsencrypt. All is well. Original cert was requested with wildcard, so functional for any subdomain.
Now, we needed to spin up a fresh new server for a subdomain, let's call it development.example.com.
The new AWS lightsail instances now are no longer Ubuntu but Debian!
The idea was to install certbot in the new Debian instance and then copy over the certificate files from the primary server # example.com.
I've done this successfully in the past when it was going from Ubuntu to Ubuntu but now that the new instance is Debian, the Really Simple SSL plugin does not recognize that a certificate is installed.
STEPS I took to move the certificate files:
What I've done before is simply to copy /etc/letsencrypt/* from one server to another and then follow the steps outlined in the AWS documentation here:
https://lightsail.aws.amazon.com/ls/docs/en_us/articles/amazon-lightsail-using-lets-encrypt-certificates-with-wordpress#complete-the-prerequisites-lets-encrypt-wordpress
In this case, performing the steps 7.4, 7.5, 7.6 and section 8.
However, steps described in section 8.1 do not appear valid in this document anymore for Debian, because there is no such location on Debian:
sudo chmod 666 /opt/bitnami/apps/wordpress/htdocs/wp-config.php
AND because it seems an .htaccess does not exist either.
sudo chmod 666 /opt/bitnami/apps/wordpress/conf/htaccess.conf
Are there additional steps now which I've missed to be able to copy the necessary files for SSL to work properly on this new subdomain server now running Debian?
I was going to go through a new certificate request in the development server but wouldn't that invalidate the certificate currently installed for the primary domain?
In other words, how to properly copy the SSL files from the main Ubuntu server and configure the Debian subdomain server so that both wordpress installations have SSL correctly installed?
Thank you #mikemoy indeed, one can issue multiple wildcard certificates from different servers in a subdomain. Just went ahead and issued a new certificate.
An error occurred.
Sorry, the page you are looking for is currently unavailable.
Please try again later.
If you are the system administrator of this resource then you should check the error log for details.
Faithfully yours, nginx.
I rebooted the server just before happening this using sudo reboot now since it is an ubuntu server.
I checked this .I did not understand any of it unfortunately. Also I cant access any of the pages in the specific site of mine which is showing this error.
The error.log is empty on the location /var/log/nginx
error.log.1 has some logs which happens months ago. Same for access.log.1
I am not a network guy.
sudo service nginx status
sudo service nginx start
could be that for some reason nginx not started after reboot
I am running a VM on Ubuntu 18.04 an using a self signed ssl certificate (openssl). I installed the CA AUthority, uploaded it to Chrome. Chrome recognizes the SSL so I am not getting and error there, I do however get a guzzle error in Symfony. I have tried editing php.ini and inputing the cacert.pem there and nothing is working. this is not a duplicate please
I am reaching out to see if anybody has run into this based on the stack above.
I recently installed Ghost 1.8.4 and Nginx on my AWS ec2 Ubuntu 16.04 server. When I loaded my blog site, it correctly took me to the Ghost home page, from where I logged into Ghost admin. On the admin screen, there was a message to update.
I ran ghost update in putty
The update appeared to be successful, but when I returned to my blog site, I received the following error:
502 Bad Gateway
nginx/1.10.3 (Ubuntu)
Does anyone know a probably cause of this error and how to resolve?
I checked some posts, which suggested I should have turned Ghost off before the update. If this is true, is my ghost installation now corrupted?
I went to my ghost directory in /var/www/ghost and tried to run:
sudo service ghost start
but it returned:
Failed to start ghost.service: Unit ghost.service not found
and trying to stop, returns Unit ghost.service not loaded. Am I running the command from the correct location?
I've experienced 502 issues with ghost behind nginx several times over a few years of running it. I'm not sure if the cause of mine today is the same as yours, but what I observed was that after a restart ghost had changed its port number to one different than what its nginx config was listening on.
I followed these directions from https://web.archive.org/web/20200807095031/https://www.danwalker.com/running-ghost-on-a-5-digital-ocean-vps/ which resolved it for me:
See which port ghost is running on:
sudo netstat -plotn
Check that it matches the proxy_pass in the nginx config file in /etc/nginx/sites-enabled.
In my case the port in the nginx config had incremented to 2369 while the actual node process was running on 2368. Changing the proxy_pass port back to 2368 in my ghost blog's nginx config file resolved the issue for me.
I ran into the same problem after upgrading ghost.
Make sure the port number configured in your ghost's config file and the proxy_pass in your ghost site's nginx configuration files match.
Check the port number in
/var/www/ghost/config.production.json matches the proxy_pass port in the nginx config files.
/var/www/ghost/system/files/<yourDomainName>.<extension>.conf
/var/www/ghost/system/files/<yourDomainName>.<extension>-ssl.conf
In my case I had to change 2368 to 2369 in the nginx config files to fix the issue.
Make sure you restart your ghost and nginx after you make the changes.
# restart your ghost site
cd /var/www/ghost/
ghost restart
# restart nginx
sudo systemctl restart nginx
Hope this helps someone.
Apparently when I posted this issue it was due to a bug in the Ghost CLI that the ghost team were in the process of fixing.
They provided me with these instructions to run on my server:
systemctl stop ghost_www-blogwebsite-com
ghost update --force
The resulting output:
stopping Ghost [skipped]
Removing old Ghost versions [skipped]
This fixed the problem and updated to the correct version.
I setup my own landing page on my server with Nginx on top of it. I follow digital ocean 'How to' to get SSL certificat for it.
Now I finish to setup a Wordpress for my wife. Everything working well on plain HTTP but if I try to redo the process with let's encrypt : sudo certbot --nginx -d pamelajoa.com -d www.pamelajoa.com cerbot try to challenge the server but find out that there is already a certificat for my own website:
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: pamelajoa.com
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
XXX.YYY.acme.invalid
from [2001:41d0:8:6d9b::1]:443. Received 2 certificate(s), first
certificate had names "gfelot.xyz, www.gfelot.xyz"
Domain: www.pamelajoa.com
Type: unauthorized
Detail: Incorrect validation certificate for tls-sni-01 challenge.
Requested
XXX.YYY.acme.invalid
from [2001:41d0:8:6d9b::1]:443. Received 2 certificate(s), first
certificate had names "gfelot.xyz, www.gfelot.xyz"
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
Once again my own web site works on HTTPS and the WP works on HTTP so I don't think it's coming for my Nginx conf.
Any Idea ?
Found a solution that worked for me by using this option in your command :
--preferred-challenges http-01
or you may try to use this one :
--preferred-challenges http
Full command here :
sudo certbot --nginx --preferred-challenges http-01 -d www.kaokeb.com
Full post for this solution in this thread :
https://community.letsencrypt.org/t/expired-certification/60185/23