littlebizzy / slickstack

Lightning-fast WordPress on Nginx
https://slickstack.io
GNU General Public License v3.0

SS stops on certificate generation #85

Closed damiafaw closed 3 years ago

damiafaw commented 3 years ago

Hello, currently running through Cloudflare - however I configured the ss-config file to NOT create a staging or dev site, it is listed as FALSE... however it still tries to create and fails - the main site is successful as I have DNS setup for it. I notice that there are several other options that are ignored within the ss-config file during install, even though they are configurable true/false.

SS-CONFIG has the following entries for staging and dev:

STAGING_SITE="false"
STAGING_SITE_SUBDOMAIN="false"

However it fails when generating the dev and staging cert - I have even enabled the dev/staging DNS, cert is generated but it will still fail on the below message - perhaps I am missing something.

**Certbot installation was not successful, reverting to OpenSSL...
Restarting nginx (via systemctl): nginx.service.
SSL certificates have been successfully generated...

It appears your site is a sub-subdomain so CloudFlare's free SSL will not resolve (please either upgrade to Cloudflare's premium SSL options, or otherwise use Let's Encrypt SSL on this server).**

It then stops installing after this and is back at the command line.

damiafaw commented 3 years ago

The ssl type in the ss-config is also set for openssl:

SSL_TYPE="openssl"

damiafaw commented 3 years ago

Removing the certbot commands from the ss-encrypt during the install process allows it to complete - at least on AWS, going to test my other server location. But no cert gets created though - so there is an error in the ss-encrypt config when using certbot

damiafaw commented 3 years ago

Installs now after failing previous checks, assuming something was resolved as doesn't try certbot anymore? Although fails to generate the openssl cert that it looks for in the conf settings? But I can live with that :)

/var/www# service nginx status
● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2020-12-26 10:31:44 UTC; 52s ago
Docs: man:nginx(8)
Process: 71535 ExecStartPre=/usr/sbin/nginx -t -q -g daemon on; master_process on; (code=exited, status=1/FAILURE)

Dec 26 10:31:44 XXXXX systemd[1]: Starting A high performance web server and a reverse proxy server...
Dec 26 10:31:44 XXXXX nginx[71535]: nginx: [emerg] cannot load certificate "/var/www/certs/XXXXX.crt": BIO_new_file() failed (SSL: error:02001002:system library:fopen:>
Dec 26 10:31:44 XXXXX nginx[71535]: nginx: configuration file /etc/nginx/nginx.conf test failed
Dec 26 10:31:44 XXXXX systemd[1]: nginx.service: Control process exited, code=exited, status=1/FAILURE
Dec 26 10:31:44 XXXXX systemd[1]: nginx.service: Failed with result 'exit-code'.
Dec 26 10:31:44 XXXXX systemd[1]: Failed to start A high performance web server and a reverse proxy server.
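In the log above, nginx fails its config test because it cannot open a certificate file that the config references. The following is an added example, not part of this thread or of SlickStack's own code, that lists the `ssl_certificate` and `ssl_certificate_key` files a config names but that are missing, empty or unreadable; the function names and demo paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: report certificate/key files that an nginx config
# references but that are missing, empty or unreadable.

# Print every file named by an ssl_certificate or ssl_certificate_key
# directive in the given config file (text after '#' is ignored).
ssl_paths() {
    sed -e 's/#.*//' "$1" |
        awk '$1 == "ssl_certificate" || $1 == "ssl_certificate_key" {
                 gsub(/[";]/, "", $2); print $2 }'
}

# Print the referenced files that are absent, empty or unreadable.
# Returns 0 when every file is usable, 1 otherwise.
missing_ssl_files() {
    status=0
    for f in $(ssl_paths "$1"); do
        if [ ! -r "$f" ] || [ ! -s "$f" ]; then
            echo "$f"
            status=1
        fi
    done
    return $status
}

# Demo on a constructed config: the certificate exists, the key does not.
demo_dir=$(mktemp -d)
printf 'constructed sample\n' > "$demo_dir/example.crt"
cat > "$demo_dir/site.conf" <<EOF
server {
    listen 443 ssl;
    ssl_certificate     "$demo_dir/example.crt";
    ssl_certificate_key $demo_dir/example.key;  # never created
}
EOF
if missing=$(missing_ssl_files "$demo_dir/site.conf"); then
    echo "all certificate files present"
else
    echo "missing or unreadable: $missing"
fi
```

The check only follows the one config file it is given, not files pulled in through `include`, so it complements `nginx -t` rather than replacing it.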

damiafaw commented 3 years ago

Unfortunately the database config hasn't worked after completing the install, even tried in a VM also and when accessing the URL, the below message is there - I am assuming this is due to the certificate failing to start nginx. Once I resolve the cert error, the below happens. Am I doing something wrong?

URL = https://www.XXXXXXXX.com
redirects to the below
URL = https://www.XXXXXXXX.com/wp-admin/setup-config.php

**Welcome to WordPress. Before getting started, we need some information on the database. You will need to know the following items before proceeding.

- Database name
- Database username
- Database password
- Database host
- Table prefix (if you want to run more than one WordPress in a single database)

We’re going to use this information to create a wp-config.php file. If for any reason this automatic file creation doesn’t work, don’t worry. All this does is fill in the database information to a configuration file. You may also simply open wp-config-sample.php in a text editor, fill in your information, and save it as wp-config.php. Need more help? We got it.

In all likelihood, these items were supplied to you by your Web Host. If you don’t have this information, then you will need to contact them before you can continue. If you’re all ready…**

If I run the ss-install-wordpress-config then it fixes the above issue, but no mu-plugins like clear cache are installed, so have to run the mu-plugins install

jessuppi commented 3 years ago

Please keep in mind this is not a support forum, but a place to report bugs and request features -- this thread has a lot of different topics mentioned, so it is virtually impossible to mark it as "solved" etc.

As per our Facebook group announcement, ss-encrypt is currently being overhauled as we move to supporting dev and staging sites, and a new approach to naming Nginx server blocks.

Also SSL certificates will now be stored under /var/www/certs/ so that is also related too.

So going back to the original topic, that Let's Encrypt fails, I will post back here when ss-encrypt is fixed (and does not run on the dev and staging sites if set disabled in ss-config). Code suggestions are also always welcome, thanks --

damiafaw commented 3 years ago

Sorry :) I have done pre-configured entries many times before with no issues (even with no Cloudflare running) and never had issues creating the openssl self signed, etc. Seems that running ss-config pre-configured might be causing the issue. Deleted the ss-config, run ss-install without modifying the SS-CONFIG and letting it create itself works... at least on the VM anyway (minus the SSL). Perhaps when I have tried to pre-configure a few times now, I'm changing something that is causing an issue.

I'll retest a few times now.

damiafaw commented 3 years ago

One request - is there a way to not override the current UFW rules in place on install? An option in the ss-config, etc. The server I am currently using has no external firewall, so when the script runs and overwrites my current UFW rules, I have to go and delete the new ones and replace with my own IP.

Thanks

jessuppi commented 3 years ago

Closing this Issue as it has become muddled beyond recovery.