فشل تعطيل letsencrypt وتشغيل discourse-setup ظهرت به تنبيهات غير طبيعية

تثبيت
1

I try to reconfig about ssl certificate, want to disable letsencrypt free certificate.
Because I have a purchase certificate, I found some operations through Google.

Modify app.yml directly and confirm key & cer in the /var/discourse/shared/standalone/ssl/
and file name are consistent with config file, then rebuild I get the result is failed still use letsencrypt cer

nginx have some error log :


2021/09/25 16:37:26 [emerg] 48#48: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:27 [emerg] 78#78: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:28 [emerg] 80#80: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:29 [emerg] 82#82: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:30 [emerg] 95#95: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:31 [emerg] 104#104: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:32 [emerg] 106#106: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

Have confirm file in the directory

root@discourse-test:/var/discourse/shared/standalone/ssl# ls -al ssl.*
-rw-r--r-- 1 root root 7868 Sep 25 16:24 ssl.cer
-rw------- 1 root root 1675 Sep 25 16:24 ssl.key

And found some discussion in following url :

Removing Let’s Encrypt from installation choice

When I run ./discourse-setup I get the alert :

./discourse-setup: line 471: [: 1234567890123456: binary operator expected

Have any suggest to disable letsencrypt or resolve reconfig problem?

إعجابَين (2)
2

There are some topics about how to use your own certificate. You can try searching, but this niche be it Advanced Setup Only: Allowing SSL / HTTPS for your Discourse Docker setup

إعجاب واحد (1)
3

Hi pfaffman

Thanks for your reply.
For the information you provided, I already have areference and experiment.
But result is failed, nginx service is can’t read file.

The error message is the description above :

2021/09/25 16:37:26 [emerg] 48#48: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:27 [emerg] 78#78: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:28 [emerg] 80#80: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:29 [emerg] 82#82: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:30 [emerg] 95#95: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:31 [emerg] 104#104: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)

2021/09/25 16:37:32 [emerg] 106#106: cannot load certificate "/shared/ssl/ssl.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/shared/ssl/ssl.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file)
إعجاب واحد (1)
4

I success change use myself certificate.

I keep using the wrong credential file name, the nginx setting need crt file but I keep install and test cer file.
so, I sloved ssl problem.

Thank you

3 إعجابات
5

Something that stood out in your first couple of posts was

cannot load certificate "/shared/ssl/ssl.crt"

and
Have confirm file in the directory

root@discourse-test:/var/discourse/shared/standalone/ssl# ls -al ssl.*

Notice the difference after /shared/ part of the paths. Nginx was expecting the ssl.crt file to be in the shared/ssl/ folder. You found it in shared/standalone/. The file wasn’t in the path where nginx was looking for it.

6

@JimPas Thanks for your reply
I provide info the path not match. because one path is docker volume path other one is real server file path.

Advanced Setup Only: Allowing SSL / HTTPS for your Discourse Docker setup

volumes:
  - volume:
      host: /var/discourse/shared/standalone
      guest: /shared

seems not match, but in fact is same.
the first problem, I was resolve.
root case for me is I didn’t notice certificate format.
config is settings crt format, but I always use cer format file so nginx not success read certificate file.

إعجابَين (2)
7

:man_facepalming:
I never noticed that. Well, slap my wrists!
Glad you realized it and got it fixed. :+1:

إعجاب واحد (1)
8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.