Hi,
Please help with below issue.
Letsencrypt cert expired, thought that rebuilding the app would renew the cert ,rebuild done.
Now I get this error nginx: [emerg] PEM_read_bio_X509_AUX("/shared/ssl/javaqna.com.cer") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
Have you tried to remove the old one (ssl folder) and than rebuild it?
Hi Markus,
Thanks for the reply.
i have executed below from the thread
rm -rf /var/discourse/shared/standalone/ssl
rm -rf /var/discourse/shared/standalone/letsencrypt
./launcher rebuild app
not sure what i’m missing 
What do the rebuild logs say?
I get the message
[emerg] PEM_read_bio_X509_AUX("/shared/ssl/javaqna.com.cer") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
also mentioned in the first thread itself.
Thank you.
Hi,
Any one help with this issue. not able to understand what is the error with letsencrypt. tried rebuilding by removing ssl folder cert files serveral times as mentioned above, but no luck.
Thanks.
I worked with @Umashankar_Ankuri and this looks like a case where the domain’s IPv6 address was configured incorrectly causing the validation check to fail.
https://github.com/Neilpang/acme.sh/issues/867
@Umashankar_Ankuri can confirm the problem once he fixes his DNS settings.
Aaah, yes, that been causing some heartburn over on the LE forums.
HI Guo Xiang Tan,
I have fixed problem with IPV6, just removed those records from DNS. and discourse is now up!! we can mark this as fixed.
Just wondering how it worked for the first time!!
Thank you.
As per the LE forum topic I linked to earlier, LE recently changed their behaviour from preferring IPv4 to preferring IPv6 records first.
This topic was automatically closed after 2527 days. New replies are no longer allowed.