Error after moving from HTTP to HTTPS


(Spooky) #1

I’ve followed the LetsEncrypt installation procedure for installing SSL for my website.

What I did:

  • Created an image of the original Discourse forum (EC2 AMI)
  • Launched it again
  • Checked that it works (it did)
  • Followed the installation procedure and rebuilt the app
  • Tried to access the app via HTTPS and also via HTTP, neither worked. I got "“This site can’t be reached” error in Chrome

In the logs:

nginx: [emerg] PEM_read_bio_X509_AUX("/shared/ssl/sub.domain.com.cer") failed (SSL: error:0906D06C:PEM routines: PEM_read_bio_no start line: Expecting: TRUSTED CERTIFICATE)

That error repeat itself several times in the log.

When I check the certificate in the/var/discourse/shared/standalone/ssl directory, I see that it is empty.

I also checked the acme.sh.log and there is shows:

Invalid response from http://forum.example.com/.well-known/acme-challenge/xxxxxxxxxxxx-xxxxxxx

I believe that during that command, the server wasn’t accessible via HTTP as it wasn’t even available after the rebuild of the app as well.

I have root access to the AWS EC2 server via SSH.

Help would be greatly appreciated. Thanks.


(Spooky) #2

I solved it. The problem was that the elastic IP was directing to the HTTP server, so SSL certificate could not be issued for it. I changed the elastic IP address to point to the HTTPS server and it works.


(Joshua Rosenfeld) #3