SSL error when customizing nginx: The certificate is not trusted in all web browsers

I changed some settings to serve other work on the same discourse server.

Some browsers show SSL notification when accessing the website (white page)

FIle: /var/discourse/containers/app.yml

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
  # - "templates/web.ssl.template.yml"
  # - "templates/web.letsencrypt.ssl.template.yml"
  - "templates/web.socketed.template.yml"

The auto ssl generation function doesn’t run on change like above so I manually do it like this

cd /var/discourse
./launcher enter app
"/shared/letsencrypt"/acme.sh --cron --home "/shared/letsencrypt" --force
exit

Then systemctl restart nginx

Is my nginx conf

server {
    listen 443 ssl http2;

    ssl on;

    ssl_certificate         /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com/thuvienmuasam.com.cer;
    ssl_certificate_key     /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com/thuvienmuasam.com.key;

Last time was fine but this time it’s error like above

Tell me did I do it right?

I’m aware that this question was asked about 6 months ago. So, in case you’re still searching for the solution, you might wanna try the following:

  • Copy the ca-bundle content (cert) and paste it after your domain cert in the Certificate (CRT) field .

Yes, this means that there are 2 certs in your CRT field (domain and ca-bundle) as example below:

Certificate (CRT)

-----BEGIN CERTIFICATE-----

(domain cert)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(ca-bundle cert)

-----END CERTIFICATE-----

File here: /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com

If this works, it’s just how the cert is installed at your hosting provider.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.