For example, if I have a site (https://under100words.com) and manually disable Let's Encrypt by placing false in /srv/under100words.com/config/ssl-provider and moving the config/ssl directory out of the way, symbiosis-httpd-configure will disable the specific SSL cert for the site, swapping it to self-signed.
This is fine, and to be expected, however it does this by removing the relevant symlink from /etc/apache2/sites-enabled, which has the effect of flagging the site as "manually disabled", dropping it back to mass hosting, if configured.
Restoring the SSL configuration (removing ssl-provider and restoring config/ssl) then re-running symbiosis-httpd-configure --verbose you get:
# symbiosis-httpd-configure --verbose
[ . . . ]
Domain: under100words.com
Current SSL set 1: signed by /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3, expires 2018-02-20 13:36:22 UTC
This site has SSL enabled, and is using the host's primary IPs -- continuing with SNI.
SSL is enabled -- using SSL template
Adding to configurations
[ . . . ]
Configuration: under100words.com.conf
Configuration is up-to date.
!! Configuration has been manually disabled.
So, it's still thinking that the site was manually disabled, so even if it managed to create the individual config as there are valid SSL certs, it's not being symlinked.
A manual workaround is to run symbiosis-httpd-configure for the specific site:
# symbiosis-httpd-configure --verbose under100words.com
Domain: under100words.com
Current SSL set 1: signed by /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3, expires 2018-02-20 13:36:22 UTC
This site has SSL enabled, and is using the host's primary IPs -- continuing with SNI.
SSL is enabled -- using SSL template
Adding to configurations
Configuration: under100words.com.conf
Configuration is up-to date.
Enabling configuration.
Reloading Apache
This instead enables the config anyway, and things work normally again.
I had a similar issue when trying to transition from a "trusted authority" certificate to a letsencrypt certificate.
Running # symbiosis-httpd-configure --verbose my.site.name seemed to fix it.
For example, if I have a site (https://under100words.com) and manually disable Let's Encrypt by placing
false
in/srv/under100words.com/config/ssl-provider
and moving theconfig/ssl directory
out of the way,symbiosis-httpd-configure
will disable the specific SSL cert for the site, swapping it to self-signed.This is fine, and to be expected, however it does this by removing the relevant symlink from
/etc/apache2/sites-enabled
, which has the effect of flagging the site as "manually disabled", dropping it back to mass hosting, if configured.Restoring the SSL configuration (removing
ssl-provider
and restoringconfig/ssl
) then re-runningsymbiosis-httpd-configure --verbose
you get:So, it's still thinking that the site was manually disabled, so even if it managed to create the individual config as there are valid SSL certs, it's not being symlinked.
A manual workaround is to run
symbiosis-httpd-configure
for the specific site:This instead enables the config anyway, and things work normally again.