After initial setup of DigitalOcean droplet, get Refused to Connect error

I have followed the tutorial found below to set up discourse on a DigitalOcean Droplet.

https://github.com/discourse/discourse/blob/master/docs/INSTALL-cloud.md

But when I go the the corresponding IP address, I get

"""This site can’t be reached
192.241.***.*** refused to connect."""

What are the possible reasons for a refused to connect error? Could this be related to SSL certificates?

Thanks!
Ben

Those instructions don’t include SSL setup so unless you have done something extra - probably not an SSL issue.

The most common setup to complete is for a “domain name” not an IP address…
… I would suggest starting again following the instructions and using a domain name from a domain you control / own.

4 Likes

Just to point out something that happened to me. I used a testing server whose setup is entirely done by ansible, and after I use the site, I destroy it (ansible handles the destruction of the droplets, digital ocean spaces and so on, so that I’m not charged when not using).

What happened is that LetsEncrypt have rate limits, and my domain exceeded, so I started receiving the error that the page couldn’t be reached and it was a bit hard to track the reason to the rate limit of certificates (first I thought should be something about IPv6 or SSL + IPv6).

Running ./launcher logs app I saw a huge number of errors, basically saying:

nginx: [emerg] cannot load certificate "/shared/ssl/mydomain.com.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)

lots and lots of times…

In the very beggining of the logs (thankfully the number of lines to be displayed in the terminal was not exceeded) there was the reason:

Create new order error. Le_OrderFinalize not found. {
  "type": "urn:ietf:params:acme:error:rateLimited",
  "detail": "Error creating new order :: too many certificates already issued for exact set of domains: mydomain.com: see https://letsencrypt.org/docs/rate-limits/",
  "status": 429
}

So for anyone that face it in the future, make sure to not exceed the rate limit (in my case, for these test sites that I create several times per week, I can just not use ssl to avoid this problem).

9 Likes

Thanks Lucas - that saved me.

“Fixed” by commenting out the two SSL templates in the app config file and rebuilding. Will still need to reattempt getting a new cert in 7 days.

3 Likes