install new site but security certificate is not trusted

[ghost]

security certificate is not trusted after install new website. Website is installed but get warning from browsers.

-- vars.yml --

wordpress__table_prefix: 'xxxwp' wordpress__disable_file_edit: True

wordpressssl: True wordpressssl_provider: 'letsencrypt'

wordpressadmin_email: 'xxxxxxx@gmail.com' wordpress__admin_username: 'xxxxxxxx' wordpresstitle: 'ONE'

wordpressvarnishadd_ban_lurker_headers: True wordpressvarnishpurge_conditions: 'req.http.X-Purge-Method ~ "(?i)regex"': | ban("obj.http.X-Url ~ " + req.url + " && obj.http.X-Host == " + req.http.host); return (synth(200, "Purged"));

[tobeycodes]

Do you have something in your /etc/pki/realms/HOSTNAME/acme/error.log?

If yes, you need to make sure your server is publicly accessible so a certificate can be issued. Once you have set your A records and your DNS has propagated you can run.

rm /etc/pki/realms/HOSTNAME/acme/error.log
/usr/local/lib/pki/pki-realm run -n "HOSTNAME"

Replace HOSTNAME with the sites address

I also had this issue recently and Carl helped. Perhaps this should go into the Wiki?

[ghost]

Nope there is nothing like "error.log" in "/etc/pki/realms/HOSTNAME/acme/" directory in the production server.

I run

/usr/local/lib/pki/pki-realm run -n "HOSTNAME"

restart the droplet then revisit the website , still got security certificate is not trusted

[tobeycodes]

Did you replace HOSTNAME with your droplets hostname?

[ghost]

yap I did

[tobeycodes]

Can you share the url?

[ghost]

https://onemgg.com

[carlalexander]

This one is my bad. Pushed a change that I thought was working and it broke it. If you pull the latest changes and run debops wordpress it'll create the certificate for you like it should.