Closed sensiblearts closed 2 years ago
This looks suspiciously similar to #43. Try to update your system packages (it seems like ca-certificates
could be enough), and also restart the system for good measure.
Thanks, I stopped my release, ssh into the vm, apt-get install ca-certificates
, and it says I already have the latest, and then send daemon command to restart my build; which is how I interpret the thread in #43. :-( No change.
Question 1: When I run this in localhost (WSL2 on Windows), it simulates a call and generates a dummy self-signed cert, so I should get a warning in the browser as I do, "Windows does not have enough information to verify this certificate" -- correct?
Also, I'm wondering if it could be a problem with WSL2. I see a few posts out there about trouble with cert chains in WSL2.
(I am doing mix release build on an AMD laptop on WSL2, Ubuntu 20, and pushing the files to a DigitalOcean AMD server, Ubuntu 20.)
I'm kind of in a hurry so I'll probably just deploy HAProxy in front and come back to this in May when I have time. I have a lot to learn about cert chains etc to debug this.
Actually, per your instructions -- (RTFM, David), I just connected iex
remotely and
SiteEncrypt.force_certify(TreeteacherWeb.Endpoint)
:ok
And it is using the cert, no problem with the chain.
This will get me going and I can just force manual renewal while I debug it.
Thanks for this lib!
This will get me going and I can just force manual renewal while I debug it.
If the manual certification work, then the automatic one should work too, because it's the same code. Looking at the reported stacktrace, something seems off. I'll analyze this some more later.
Question 1: When I run this in localhost (WSL2 on Windows), it simulates a call and generates a dummy self-signed cert, so I should get a warning in the browser as I do, "Windows does not have enough information to verify this certificate" -- correct?
Yes.
Any update?
I'm hoping that someone will recognize the problem right away. This is a chronology of what produces the error. Domain is treeteacher.org.
// mix release to remote vm, start phoenix daemon:
///////////////////////
Now, browse https://treeteacher.org/ ... not found, and phoenix logs NOT CHANGED
//////////////////
Now, browse http://IP:4000
Not finding, slowly redirects to treeteacher.org ssl, and logs:
// and my endpoint config: