PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

I tried to set up forum using discourse on ubuntu 20.04 LTS on VPS. But after install I get:

nginx: [emerg] cannot load certificate "/shared/ssl/domain.org.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)
nginx: configuration file /etc/nginx/nginx.conf test fail

My domain is:

I ran this command:

sudo nginx -t

It produced this output:

nginx: [emerg] cannot load certificate "/shared/ssl/domain.org.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

nginx: configuration file /etc/nginx/nginx.conf test fail

My web server is (include version):

nginx version: nginx/1.18.0

Should I create a certificate? This appears after I clone the latest repo from github. Is this a desired behavior?

If you did a Discourse official Standard Installation and deleted everything and started over a bunch of times, you hit the let’s encrypt rate limit and can’t get a certificate for a week. You can bypass this if you follow Setting up Let’s Encrypt with Multiple Domains and add some other domain to the site. You could also just use a different name or wait a week.

2 Likes

So week(7 days) is an time I must to wait to set up again everythink?

That’s my best guess from what you described.

Ok, lets wait. I will post after if thats worked.

For the record, I’ve had the same issue and the problem was that I forgot to redirect port 80 to the server.

The DNS check done by discourse-server.sh might be done on port 443 only and did not detect the problem.

But Let’s Encrypt does need the port 80 also open.

1 Like