Installation produced zero byte key and no certificate

I installed Discourse by following installation instructions at discourse/INSTALL-cloud.md at master · discourse/discourse · GitHub. (Digital Ocean droplet)

After installation, I tried to visit the site in a browser and I get ‘connection refused’.

Some items of interests:

ls -l /var/discourse/shared/standalone/ssl/
-rw-r--r-- 1 root root 0 Jun 15 11:26 forums.MYDOMAIN.com.key
-rw-r--r-- 1 root root 0 Jun 15 11:26 forums.MYDOMAIN.com_ecc.key
./launcher logs app | grep letsencrypt
run-parts: executing /etc/runit/1.d/ **letsencrypt**
[Tue 15 Jun 2021 11:26:09 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
[Tue 15 Jun 2021 11:26:09 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
cat: /shared/ **letsencrypt** /forums.MYDOMAIN.com/forums.MYDOMAIN.com.key: No such file or directory
[Tue 15 Jun 2021 11:26:10 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
[Tue 15 Jun 2021 11:26:10 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
cat: /shared/ **letsencrypt** /forums.MYDOMAIN.com_ecc/forums.MYDOMAIN.com.key: No such file or directory

I’ve ran the installation multiple times with the same result. Any suggestions for my next step?

1 Like

Shot in the dark, but you wouldn’t happen to host a site with Netlify?

Edit: I had the same error with them.

Thanks Seth, I do not.

Rebuilding the app with SSL commented out works. Thus the error is in the letsencrypt portion. I don’t believe I am hitting a limit because when I look up certs, none are listed for this site.

Running on command line does not give me any more information

LE_WORKING_DIR=/shared/letsencrypt /shared/letsencrypt/acme.sh --issue -d community.grazinggrass.com -k 4096 -w /var/www/discourse/public --debug

When I added --server letsencrypt, I get the following error

MYDOMAIN.com:Verify error:Fetching http://MYDOMAIN.com/.well-known/acme-challenge/xDUsp83k9OJ-FjyBhihad1_WH2ixnliN7rU0JBUp7Zg: Connection refused
1 Like

Exactly the same problem here! Tried registering beforehand by running the command acme.sh --register-account -m my@example.com with my email, seems to have registered but reinstalling discourse gives exactly the same error.

1 Like

I did the same thing, @dmitchell . No change.

1 Like

Managed to get this working by forcing letsencrypt as default CA for the acme.sh script. Running this seems to do it:

./acme.sh --set-default-ca  --server  letsencrypt

And then rebuild the app.

2 Likes

This sounds like a bug and there have been other reports and you have a solution. I’ve not checked myself yet, but I’m moving this to bug

1 Like

It’s not working for me. Maybe I’m missing a step?

1 Like

I ran it on /var/discourse/shared/standalone/letsencrypt, but at the same time I also updated account.conf on the same directory, with the option:

DEFAULT_CA="https://acme-v02.api.letsencrypt.org/directory"

Not sure which one did the trick!

3 Likes

I can reproduce this. Just did an install on DO and am seeing connection refused. Can also confirm the zero byte key:

root@jomaxro-letsencrypt-testing:/var/discourse# ls -l /var/discourse/shared/standalone/ssl/
total 0
-rw-r--r-- 1 root root 0 Jun 16 16:31 le-testing.demo-by-discourse.com.key
-rw-r--r-- 1 root root 0 Jun 16 16:31 le-testing.demo-by-discourse.com_ecc.key
1 Like

I hit the heart, but I just want to confirm that your solution worked for me too.

It looks like it should be a quick fix for someone who’s good at such.

Working on a fix right now, hang tight

2 Likes

Working now for me after I rebuilt the app.

1 Like

This should be all fixed now with

5 Likes

shouldn’t the CA be set before the install command?

1 Like

Sorry about that and thanks for the report!

1 Like

Did you git pull and rebuild?

2 Likes

This topic was automatically closed after 2 days. New replies are no longer allowed.