Installation produced zero byte key and no certificate

I installed Discourse by following installation instructions at discourse/INSTALL-cloud.md at master · discourse/discourse · GitHub. (Digital Ocean droplet)

After installation, I tried to visit the site in a browser and I get ‘connection refused’.

Some items of interests:

ls -l /var/discourse/shared/standalone/ssl/
-rw-r--r-- 1 root root 0 Jun 15 11:26 forums.MYDOMAIN.com.key
-rw-r--r-- 1 root root 0 Jun 15 11:26 forums.MYDOMAIN.com_ecc.key

./launcher logs app | grep letsencrypt
run-parts: executing /etc/runit/1.d/ **letsencrypt**
[Tue 15 Jun 2021 11:26:09 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
[Tue 15 Jun 2021 11:26:09 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
cat: /shared/ **letsencrypt** /forums.MYDOMAIN.com/forums.MYDOMAIN.com.key: No such file or directory
[Tue 15 Jun 2021 11:26:10 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
[Tue 15 Jun 2021 11:26:10 AM UTC] **Please check log file for more details: /shared/letsencrypt** /acme.sh.log
cat: /shared/ **letsencrypt** /forums.MYDOMAIN.com_ecc/forums.MYDOMAIN.com.key: No such file or directory

I’ve ran the installation multiple times with the same result. Any suggestions for my next step?

Shot in the dark, but you wouldn’t happen to host a site with Netlify?

Edit: I had the same error with them.

Thanks Seth, I do not.

Rebuilding the app with SSL commented out works. Thus the error is in the letsencrypt portion. I don’t believe I am hitting a limit because when I look up certs, none are listed for this site.

Running on command line does not give me any more information

LE_WORKING_DIR=/shared/letsencrypt /shared/letsencrypt/acme.sh --issue -d community.grazinggrass.com -k 4096 -w /var/www/discourse/public --debug

When I added --server letsencrypt, I get the following error

MYDOMAIN.com:Verify error:Fetching http://MYDOMAIN.com/.well-known/acme-challenge/xDUsp83k9OJ-FjyBhihad1_WH2ixnliN7rU0JBUp7Zg: Connection refused

Exactly the same problem here! Tried registering beforehand by running the command acme.sh --register-account -m my@example.com with my email, seems to have registered but reinstalling discourse gives exactly the same error.

I did the same thing, @dmitchell . No change.

Managed to get this working by forcing letsencrypt as default CA for the acme.sh script. Running this seems to do it:

./acme.sh --set-default-ca  --server  letsencrypt

And then rebuild the app.

This sounds like a bug and there have been other reports and you have a solution. I’ve not checked myself yet, but I’m moving this to #bug

It’s not working for me. Maybe I’m missing a step?

I ran it on /var/discourse/shared/standalone/letsencrypt, but at the same time I also updated account.conf on the same directory, with the option:

DEFAULT_CA="https://acme-v02.api.letsencrypt.org/directory"

Not sure which one did the trick!

I can reproduce this. Just did an install on DO and am seeing connection refused. Can also confirm the zero byte key:

root@jomaxro-letsencrypt-testing:/var/discourse# ls -l /var/discourse/shared/standalone/ssl/
total 0
-rw-r--r-- 1 root root 0 Jun 16 16:31 le-testing.demo-by-discourse.com.key
-rw-r--r-- 1 root root 0 Jun 16 16:31 le-testing.demo-by-discourse.com_ecc.key

I hit the heart, but I just want to confirm that your solution worked for me too.

It looks like it should be a quick fix for someone who’s good at such.

Working on a fix right now, hang tight

Working now for me after I rebuilt the app.

This should be all fixed now with

shouldn’t the CA be set before the install command?

Sorry about that and thanks for the report!

Did you git pull and rebuild?

This topic was automatically closed after 2 days. New replies are no longer allowed.