SSL error when customizing nginx: The certificate is not trusted in all web browsers

Bcat · September 10, 2021, 2:14pm

I changed some settings to serve other work on the same discourse server.

Some browsers show SSL notification when accessing the website (white page)

FIle: /var/discourse/containers/app.yml

templates:
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ratelimited.template.yml"
## Uncomment these two lines if you wish to add Lets Encrypt (https)
  # - "templates/web.ssl.template.yml"
  # - "templates/web.letsencrypt.ssl.template.yml"
  - "templates/web.socketed.template.yml"

The auto ssl generation function doesn’t run on change like above so I manually do it like this

cd /var/discourse
./launcher enter app
"/shared/letsencrypt"/acme.sh --cron --home "/shared/letsencrypt" --force
exit

Then systemctl restart nginx

Is my nginx conf

server {
    listen 443 ssl http2;

    ssl on;

    ssl_certificate         /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com/thuvienmuasam.com.cer;
    ssl_certificate_key     /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com/thuvienmuasam.com.key;

Last time was fine but this time it’s error like above

Tell me did I do it right?

Bcat · September 12, 2021, 2:58am

I’m aware that this question was asked about 6 months ago. So, in case you’re still searching for the solution, you might wanna try the following:

Copy the ca-bundle content (cert) and paste it after your domain cert in the Certificate (CRT) field .

Yes, this means that there are 2 certs in your CRT field (domain and ca-bundle) as example below:

Certificate (CRT)

-----BEGIN CERTIFICATE-----

(domain cert)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(ca-bundle cert)

-----END CERTIFICATE-----

File here: /var/discourse/shared/standalone/letsencrypt/thuvienmuasam.com

If this works, it’s just how the cert is installed at your hosting provider.

system · October 12, 2021, 2:58am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
502 Gateway Error on Nginx? installation	3	740	May 7, 2020
Upload error with nginx in front of Discourse installation	3	539	July 26, 2020
Using letsencrypt inside Discourse installation letsencrypt	12	606	April 21, 2019
SSL certificate expired and after that - Error 404 Not Found installation	2	736	January 6, 2023
Problem with my SSL certificate installation	16	10905	February 21, 2019

SSL error when customizing nginx: The certificate is not trusted in all web browsers

Related Topics