Since around September 30th 2021 (as far as I can tell) my site has been generating certificate errors your connection is not private NET::ERR_CERT_COMMON_NAME_INVALID’ security warning. This server couldn’t prove that it’s www.nzarchitecture.net.nz ; its security certificate is from nzarchitect…

The content is right but indentation is important in the yml file, so that needs to be corrected: after_ssl: - replace: filename: “/etc/runit/1.d/letsencrypt” from: /--keylength/ to: “-d www.nzarchitecture.net.nz --keylength” You will need to rebuild for it to take ef…

it’s an facebook issue that they need to fix. the cert is 100% legit SSL Checker Use our fast SSL Checker will help you troubleshoot common SSL Certificate installation problems on your server including verifying that the correct certificate is installed, valid, and properly trusted. …

That seems similar to… https://meta.discourse.org/t/configuring-google-login-for-discourse/15858/239

The thing is that even I see these errors when including ‘www’ in the url I paste/type into browser - so even though there is no actual risk, users are being hit with worrying warnings. with or without the Facebook compliance issue. Facebook meanwhile refuse to review the matter until the error dis…

in your config file /var/discourse/containers/app.yml what is your DISCOURSE_HOSTNAME: set to ?

[image] Paul_King: The issue is triggered when url https://www.nzarchitecture.net.nz is used, but not when https://nzarchitecture.net.nz is used If you real site is under the non-www domain, you must register the non-www domain in the Facebook system. Can’t mix and mingle that.

app.yml shows DISCOURSE_HOSTNAME: nzarchitecture.net.nz

[image] Falco: If you real site is under the non-www domain, you must register the non-www domain in the Facebook system. Can’t mix and mingle that. OK, I suppose that makes sense - but from a DNS point of view one is an alias of the other (or so I believed) - and it is is going to be hard to…

It’s not really an “alias” but a redirect. And you need to properly configure a redirect, which includes having a certificate in place for the place the redirect lives. For example, our partners at communiteq provide a service for that at https://www.forcewww.com/

[image] Falco: It’s not really an “alias” but a redirect. And you need to properly configure a redirect, which includes having a certificate in place for the place the redirect lives. Until recently, this had never been a problem - no Facebook warning, and no certificate warnings with or with…

[image] Paul_King: Is there any way to get the default free Let’s Encrypt’ certificate to certify both options? Keen not to complicate things with extra certificates to manage and extra cost You can add an extra line or two to your app.yml. This worked for me when I was having issues: …

Facebook login was flagged as non compliant by Facebook after change to Let's Encrypt certificate system

Support

JammyDodger October 27, 2021, 2:16pm 11

You can add an extra line or two to your app.yml. This worked for me when I was having issues:

Topic		Replies	Views
Non www to www without certificate error Self-hosting	13	1921	January 17, 2022
LetsEncrypt working without www, not with www Support	11	1924	January 19, 2020
About force www to non www Support	29	2914	January 6, 2019
Www to non www with https Support	10	611	November 13, 2023
Making 'www' work with Discourse Support	30	2511	May 15, 2020

Facebook login was flagged as non compliant by Facebook after change to Let's Encrypt certificate system

Related topics