Cockpit works on a non-HTTPS site with port 9090, but fails to connect when using HTTPS with Let's Encrypt and Certbot + Nginx Reverse proxy to use it with a DuckDNS subdomain.
Error is as follows which appears on the web interface when I log in with my details:
Connection failed
There was an unexpected error while connecting to the machine.
Messages related to the failure might be found in the journal:
journalctl -u cockpit
Steps to reproduce:
Install Cockpit on a machine.
Install nginx and configure a reverse proxy to create a subdomain for DuckDNS. (for example, cockpit.yourdomain.duckdns.org)
Configure HTTPS using Let's Encrypt and Certbot on a DuckDNS subdomain.
Attempt to access Cockpit via HTTPS.
Expected Behavior:
Cockpit should connect and load the interface over HTTPS.
Actual Behavior:
Cockpit loads the interface over the domain, but can't go beyond login with the above error message.
Version of Cockpit
314-1
Where is the problem in Cockpit?
None
Server operating system
Ubuntu
Server operating system version
24.04 LTS
What browsers are you using?
Chrome, Edge, Brave
System log
Jun 08 03:15:26 ip-172-31-1-26 systemd[1]: Starting cockpit.service - Cockpit Web Service...
Jun 08 03:15:26 ip-172-31-1-26 systemd[1]: Started cockpit.service - Cockpit Web Service.
Jun 08 03:15:26 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:27 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:29 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:29 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:30 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:30 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:30 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:30 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:30 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:37 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:37 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:37 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:37 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:38 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:15:38 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:16:47 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:16:47 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:16:47 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:16:47 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:17:08 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:27:50 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:27:50 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Jun 08 03:27:52 ip-172-31-1-26 cockpit-tls[1644]: cockpit-tls: gnutls_handshake failed: A TLS fatal alert has been received.
Issue:
Cockpit works on a non-HTTPS site with port 9090, but fails to connect when using HTTPS with Let's Encrypt and Certbot + Nginx Reverse proxy to use it with a DuckDNS subdomain.
Error is as follows which appears on the web interface when I log in with my details:
Connection failed There was an unexpected error while connecting to the machine. Messages related to the failure might be found in the journal: journalctl -u cockpit
Steps to reproduce:
Expected Behavior:
Cockpit should connect and load the interface over HTTPS.
Actual Behavior:
Cockpit loads the interface over the domain, but can't go beyond login with the above error message.
Version of Cockpit
314-1
Where is the problem in Cockpit?
None
Server operating system
Ubuntu
Server operating system version
24.04 LTS
What browsers are you using?
Chrome, Edge, Brave
System log