Closed RitZz48 closed 2 years ago
Deleting "verifications" section from /usr/local/hestia/bin/v-add-web-domain-ssl allows the command line SSL installer to do its job. I am using the SSL CA as downloaded from https://developers.cloudflare.com/ssl/static/origin_ca_rsa_root.pem Hestia reports that it's invalid. Disabling verifications allows everything to work.
If you include the CF root certificate it should work fine
I did include the CF root certificate. I have been using Hestia with CF certificates for some time, a recent update broke things.
@RitZz48 In your case your are missing the root certificates from Cloudlfare they should be included as the chain is not valid.
Did you put the origin from CA from Cloudflare at the last (third) box?
Sorry I just noticed its for thr panel. You need to put it just below the SSL certificate in the first box.
Btw @jaapmarcus there was a bug with Cloudflare not displaying correctly in the very early HestiaCP versions. However SSL was working properly. But that was fixed long time ago.
@ioannidesalex - yes, I pasted in the origin certificate. I has worked in the past, this time, I get an invalid certificate error. It worked properly on June 17, something broke between then and now. I am running Debian 11, perhaps there is an issue with openssl.
Sorry I just noticed its for thr panel. You need to put it just below the SSL certificate in the first box.
So like Paste the normal ceritificate and then root certificate with 'enter' in between?
Top two boxes from https://dash.cloudflare.com/guid/domain.com/ssl-tls/client-certificates/form Bottom box from https://developers.cloudflare.com/ssl/static/origin_ca_rsa_root.pem
You can also insert the .pem + root file in the top box
And the key in the last box.
Also I am not able to replicate the behaviour where it saves and return no error.. and it didn't save. Always an error is visible.
@ioannidesalex @RitZz48 , Follow the instruction on the youtube works,. https://youtu.be/BK7qyPa-VmI?t=434 To do this, you can add the Cloudflare certificate authority to your server like this:
sudo su -
wget https://developers.cloudflare.com/ssl/static/origin_ca_rsa_root.pem
mv origin_ca_rsa_root.pem origin_ca_rsa_root.crt
cp origin_ca_rsa_root.crt /usr/local/share/ca-certificates
update-ca-certificates
@jaapmarcus Experience a UI issue while updating the SSL in the configure. Same UI issue as the youtube reference https://youtu.be/BK7qyPa-VmI?t=644
Describe the bug
https://user-images.githubusercontent.com/102799834/176957437-6c421323-f4ee-47e0-bdeb-3bdad24aaf06.mp4
Issue with CloudFlare SSL installation for the panel subdomain. Whenever I try to save it, it prints successful but doesn't save the SSL. as shown in the video above.
Tell us how to replicate the bug
Not sure, But since its occuring to me whenever I try to add Cloudflare SSL. I assume it'll be the same for you?
Which components are affected by this bug?
Control Panel Backend, Control Panel Installation or Upgrade, Control Panel Web Interface, Let's Encrypt SSL
Hestia Control Panel Version
1.6.2
Operating system
Ubuntu 20.04.4 LTS
Log capture
No response