search

lesaff / serverpilot-letsencrypt

(NO LONGER MAINTAINED) | Bash script to generate and install Let's Encrypt certificate for your websites on your ServerPilot account (Free or Paid Plan)
MIT License
346 stars 81 forks source link

Reinstall Error #31

Open bekircem opened 7 years ago

bekircem commented 7 years ago

I follow the instructions and installed letsencrypt. Installation successfully completed. But i can't see "secure" on the Google Chrome. So i delete .ssl.conf and reinstall. When i do that site is down. There is a error output on the terminal when i use "sudo service nginx-sp restart" command. 

root@******:/usr/local/bin# sudo service nginx-sp restart
Restarting nginx-sp: nginx: [emerg] BIO_new_file("/etc/letsencrypt/live/******.com/fullchain.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/live/*****.com/fullchain.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)
nginx-sp.
sinand commented 7 years ago

you should disable firewall from serverpilot, you can install another one from console later.

bekircem commented 7 years ago

@sinand It works, reinstall is successfull. But, on the Google Chrome "secure" is not shown yet when i go https url.

lesaff commented 7 years ago

@bekircem, Google Chrome is notorious for caching SSL. You might want to test your site on different browser (if available). If not, try clearing browser history on your Chrome.

bekircem commented 7 years ago

@lesaff not shown Opera Browser, IE and mobile.

Also i can not use force HTTPS. When i add codes to htaccess it gives me error. "ERR_TOO_MANY_REDIRECTS" Could it be related to that?

This is the site I'm working on. You can check it.

lesaff commented 7 years ago

Looks like there's an htaccess rule that keeps redirecting the site to http://

bekircem commented 7 years ago

@lesaff I'm still working on it so i delete codes on htaccess. But when i add it, it gives me "Too Many Redirects" error.

lesaff commented 7 years ago

Is there any other redirect rule somewhere in your htaccess that forces http?

bekircem commented 7 years ago

@lesaff Only Wordpress defaults codes. Also i use Cloudflare but Cloudflare's SSL is not activated and there is no page rules.

`# BEGIN WordPress

RewriteEngine On RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L]

END WordPress`

lesaff commented 7 years ago

I am not familiar with WP Supercache. Try turning it off or clearing the cache. Also, set your Cloudflare to dev mode for now. Here's your HTTP header info.

screen shot 2017-02-15 at 3 51 58 pm

bekircem commented 7 years ago

Cloudflare dev mode for a long time, i clear cache. But nothing is change.

oviliz commented 7 years ago

The CloudFlare DEV mode stays on only for 3 hours. Make sure is not that.

On 15 February 2017 at 19:58, Bekir Cem Ünalan notifications@github.com wrote:

Cloudflare dev mode for a long time, i clear cache. But nothing is change.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/lesaff/serverpilot-letsencrypt/issues/31#issuecomment-280121348, or mute the thread https://github.com/notifications/unsubscribe-auth/AAEfkDzCrb12oQvGbcs0P1FG8B2C6v1Vks5rc1jrgaJpZM4MCBfg .

bekircem commented 7 years ago

@oviliz I check it again,

Status: Development Mode

Caching for this website has been disabled. Expires in 02:22:23

lesaff commented 7 years ago

@bekircem, as soon as you can find what's redirecting your site traffic to http:// you should be able to get your https running.

bekircem commented 7 years ago

@lesaff I can't find because i have not change any settings on serverside and htaccess. It is default serverpilot server and serverpilot's force http settings but doesnt work. Pretty odd.

oviliz commented 7 years ago

@bekircem Would you cat your content of your Nginx website config file in /etc/nginx-sp/vhosts.d/yourwebsiteapp.conf?

bekircem commented 7 years ago

@oviliz 

server {
    listen       80;
    listen       [::]:80;
    server_name
        server-*****
        *****.com
        www.*****com
      ;

    root   /srv/users/serverpilot/apps/*****/public;

    access_log  /srv/users/serverpilot/log/*****/*****_nginx.access.log  main;
    error_log  /srv/users/serverpilot/log/*****/*****_nginx.error.log;

    proxy_set_header    Host              $host;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;

    include /etc/nginx-sp/vhosts.d/*****.d/*.nonssl_conf;
    include /etc/nginx-sp/vhosts.d/*****.d/*.conf;
}
oviliz commented 7 years ago

Sorry, I'm not using this script and now I've seen that apparently generates an extra separated *.ssl.conf for your app.

If that's the case, just make sure that it writes something similar to this (not sure where the script stores the SSL files):

server {
    listen       443 ssl http2;
    listen       [::]:443 ssl http2;
    server_name
        *****.com
        www.*****com
      ;

    ssl_certificate_key      ssl/*****.key;
    ssl_certificate          ssl/*****.combined_crt;

    root   /srv/users/serverpilot/apps/*****/public;

    access_log  /srv/users/serverpilot/log/*****/*****_nginx.access_ssl.log  main;
    error_log  /srv/users/serverpilot/log/*****/*****_nginx.error_ssl.log;

    proxy_set_header    Host              $host;
    proxy_set_header    X-Real-IP         $remote_addr;
    proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
    proxy_set_header    X-Forwarded-SSL   on;
    proxy_set_header    X-Forwarded-Proto $scheme;

    include /etc/nginx-sp/vhosts.d/*****.d/*.ssl_conf;
    include /etc/nginx-sp/vhosts.d/*****.d/*.conf;
}