Hi there,
I just installed Discourse fresh on a Ubuntu 20 server. I followed the standard installation procedure and noticed a few strange things in the logs inclusive a couple of errors and warnings. I ran the launcher rebuild app a few times on the same day - every time however the log shows after pointing out where the Let’s Encrypt certificates located are the error - i masked the fqdn with “abc”:
…
-----END CERTIFICATE-----
Your cert is in /shared/letsencrypt/abc/abc.cer
Your cert key is in /shared/letsencrypt/abc/abc.key
The intermediate CA cert is in /shared/letsencrypt/abc/ca.cer
And the full chain certs is there: /shared/letsencrypt/abc/fullchain.cer
O = Digital Signature Trust Co., CN = DST Root CA X3
error 10 at 3 depth lookup: certificate has expired
Using CA: https://acme-v02.api.letsencrypt.org/directory
…
The script seems than to try to finalize the signing of the certificate and after successfull attempt, i get again the list of certificate locations. The certificates get installed, but when the script restarts nginx, the following error re-appears:
…
Run reload cmd: sv reload nginx
warning: nginx: unable to open supervise/ok: file does not exist
Reload error for :
O = Digital Signature Trust Co., CN = DST Root CA X3
error 10 at 3 depth lookup: certificate has expired
O = Digital Signature Trust Co., CN = DST Root CA X3
error 10 at 3 depth lookup: certificate has expired
Started runsvdir, PID is 4266
…
Both those tasks are being executed a second round with the same effect.
I can browse to the forum using https albeit the browser informs me that the site is not secure - it says some content such as images are not secure. I also shows in the Security details in Firefox that the website doesn’t supply ownership information and that it’s not specified who verified I guess the certificate. When i click on View certificate everything seems however to be in order - even the expire of the certs is next year.
Any idea what the logs errors/warning could be related to and how to fix them?
Thanks,
Goppi