Utilisation de l'ancien certificat ssl au lieu de letsencrypt après la mise à jour ?

Soutien
1

After an update, Discourse is using what I think is a very old ssl certiciate I used to use long ago instead of a letsencrypt certificate.

image
image990×574 90.7 KB

I believe I used StartCom long long ago, but long since switched to letsencrypt.

My app.yml has:

templates:
  - "templates/cron.template.yml"
  - "templates/postgres.template.yml"
  - "templates/redis.template.yml"
  - "templates/sshd.template.yml"
  - "templates/web.template.yml"
  - "templates/web.ssl.template.yml"
  - "templates/web.letsencrypt.ssl.template.yml"

Somehow its reverted to using the old certificate.

Any suggestions on how I can resolve this?

I rebuilt do see exactly what it says, and it shows:

I, [2025-10-06T06:29:29.144007 #1]  INFO -- : File > /etc/runit/1.d/install-ssl  chmod: +x  chown: 
I, [2025-10-06T06:29:29.144328 #1]  INFO -- : Replacing # after ssl with if [ -n "$LETSENCRYPT_ACCOUNT_EMAIL" ]; then
  if [[ ! "$LETSENCRYPT_ACCOUNT_EMAIL" =~ ([^@]+)@([^\.]+) ]]; then
    echo "LETSENCRYPT_ACCOUNT_EMAIL is not a valid email address"
    exit 1
  fi
  /usr/local/bin/configure-ssl
  exec /usr/local/bin/configure-letsencrypt
else
  echo "LETSENCRYPT_ACCOUNT_EMAIL ENV not set. Skipping Let's Encrypt setup."
fi
# after ssl in /etc/runit/1.d/install-ssl
I, [2025-10-06T06:29:29.149199 #1]  INFO -- : File > /usr/local/bin/configure-ssl  chmod: +x  chown: 
I, [2025-10-06T06:29:29.149595 #1]  INFO -- : > curl https://raw.githubusercontent.com/acmesh-official/acme.sh/3.0.6/acme.sh > /opt/acme.sh
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  215k  100  215k    0     0   989k      0 --:--:-- --:--:-- --:--:--  993k
I, [2025-10-06T06:29:29.388552 #1]  INFO -- : 
I, [2025-10-06T06:29:29.388677 #1]  INFO -- : > chmod +x /opt/acme.sh
I, [2025-10-06T06:29:29.390922 #1]  INFO -- : 
I, [2025-10-06T06:29:29.395637 #1]  INFO -- : File > /usr/local/bin/configure-letsencrypt  chmod: +x  chown: 
I, [2025-10-06T06:29:29.399975 #1]  INFO -- : File > /usr/local/bin/letsencrypt  chmod: +x  chown:

So it looks like it is doing the letsencrypt stuff, but then for some reason using a different certificate.

I can see my certificate used to/lives at:

/var/discourse/shared/standalone/ssl/forum.keyboardmaestro.com.cer
/var/discourse/shared/standalone/ssl/forum.keyboardmaestro.com_ecc.key
/var/discourse/shared/standalone/ssl/forum.keyboardmaestro.com_ecc.cer
/var/discourse/shared/standalone/ssl/forum.keyboardmaestro.com.key

but it seems to be picking up

/shared/ssl/ssl.crt

I think?

2

So I took a chance and (after saving copies) deleted /shared/ssl/forum.* and /shared/ssl/ssl* and rebuilt again, and that seems to have resolved it.

So it looks like it is picking up /shared/ssl/ssl.crt if an old one of them is lying around, rather than using the ones it is meant to be using.

2 « J'aime »