Open t3539 opened 2 years ago
Looks like a certificate issue. The certificate and private key should be the same as the one you use to serve your website via https. e.g.,
ssl-cert /etc/letsencrypt/live/goaccess/fullchain.pem
ssl-key /etc/letsencrypt/live/goaccess/privkey.pem
Also, you don't have to pass --ws-url
unless your goaccess instance is running on a different server than the one serving your website. Also, please make sure you are accessing the website via https://yourwebsite.com/report.html
Let me know if that helps.
Hi allinurl, thanks for your reply. I've tried a few more things, mostly I wasn't expecting to them to make a difference. So far no luck
cat /etc/apache2/sites-enabled/website.com-ssl.conf :
...
SSLCertificateFile /etc/letsencrypt/live/website.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/website.com/privkey.pem
...
Command run from home directory:
goaccess --real-time-html -o /var/www/website.com/public/report.html --ssl-cert fullchain.pem --ssl-key privkey.pem /var/log/apache2/access.log
(/var/www/website.com/public/ is document root)
I've checked the port is open and accessible via port testers
I've removed every other file in document root, including .htaccess in case there was some weird redirect/sym link somehow messing things up (different server I know but I'm out of options...)
I've tried running Firefox in safe mode in case it was some odd setting I had enabled
Back to the certificate...
Tried fullchain.pem/privkey.pem without changing permission and with changing permissions to 777. Tried with files in default location and in working directory
SSL Labs doesn't report any problems with certificate, if that counts for anything...
My certificate is the result of:
sudo certbot certonly --manual --preferred-challenges dns --key-type ecdsa --elliptic-curve secp384r1 --staple-ocsp --must-staple -d website.com -d www.website.com
Tried renewing with the RSA version, because, well, I'm out of options.
Maybe it's stapling? Although I'm reluctant to try renewing letsencrypt too many times in case I hit some rate limit/throttle thing
I assume it's not supposed to be run as root or anything...
I will keep thinking
I can get goaccess working locally and now I'm trying to get it working on production server.
I'm trying to setup goaccess with live reporting over wss
Firefox is giving error: Firefox can’t establish a connection to the server at wss://website.com:7890/.
and command line / server says:
I'm trying to use a certificate from letsencrypt that works fine over https. I'm assuming it should be possible because I see examples of other people in here using it
This is the command I'm working with:
goaccess --real-time-html -o /var/www/website.com/test_report.html --ssl-cert /home/basic/cert1.pem --ssl-key /home/basic/privkey1.pem --ws-url=wss://website.com:7890 /var/log/apache2/access.log
Lots of guides says I need to set
--ssl-cert
and--ssl-key
without saying specifically what I need to set them to. I've also triedfullchain1
. I've changed permissions to 777 incase. I've tried converting them to .key and .crt files. It's unclear to me what I needs to change.