Implementing SSL for Discourse


(Rana Muhammad Ahsan) #1

I have implemented discourse using standard docker method, and for implementing SSL I’m following this post:https://meta.discourse.org/t/allowing-ssl-https-for-your-discourse-docker-setup/13847

I’m performing all the mentioned steps like:
-> Putting certificate and key in the right folder
-> Changing app.yml, and exposing 443 port for ssl

After doing all the changes, when I rebuild my app my SSL is not working, and my site just don’t load. My SSL test result at SSL labs is also failing. Can you please help me figure out what I’m doing wrong ?


(Alan Tan) #2

Any errors in ./launcher logs app?


(Rana Muhammad Ahsan) #3

Yes recently I’m getting this error:
SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch


(Rana Muhammad Ahsan) #4

@tgxworld Do we also have to change the nginx configuration file inside the container after following this post ?


(Alan Tan) #5

Judging from the error it looks like you supplied the wrong key?


(Rana Muhammad Ahsan) #6

I generated the key and csr using the following command :
openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

And, then used the generated csr file to get the certificate, which I placed alongside my key


(Matt Palmer) #7

The error message says different. Somewhere in the process, a key got switched for a different one.