usmannasir / cyberpanel

Cyber Panel - The hosting control panel for OpenLiteSpeed
GNU General Public License v3.0

[BUG] 2.3.5 Sub domain SSL issues #1228

Closed master3395 closed 3 months ago

master3395 commented 3 months ago

When creating a new sub-domain, it does make Cloudflare a non-orange cloud DNS setup. But sadly it does not assign Let's Encrypt SSL to the subdomain from CyberPanel. So we end up with no SSL at all on all new domains.

Example: http://diabetes.newstargeted.com/

I added a new file to that sub-domain, index.php. I created the files from the CyberPanel file manager. I have tried the Permission fix in the file manager also.

http://diabetes.newstargeted.com/index.php

Current Version:  2.3
Build:  5
Current Commit:  c97df70156acd8d6a005d7b10e9f6a0aaf900c23
Latest Version:  2.3
Latest Build:  5
Latest Commit:  c97df70156acd8d6a005d7b10e9f6a0aaf900c23

usmannasir commented 3 months ago

You mean when Cloudflare sync is on?

master3395 commented 3 months ago

Yeah, I tried both with the sync off first, to let's encrypt and make the SSL, but it didn't happen. So I tried enabling Cloudflare sync, then I just got a redirect error, "too many redirects".

usmannasir commented 3 months ago

Screenshot 2024-03-13 at 05-41-21 sslchec wpmautic net - CyberPanel

master3395 commented 3 months ago

Try adding custom files, such as a new static index.php or something. The original "index.html" works for some reason, but it works without SSL. But any new files after that break and give a 503 error.

usmannasir commented 3 months ago

http://sslchec.wpmautic.net/hello.php

master3395 commented 3 months ago

Ah, it seems to not be an issue with the SSL, but the Apache setup again, when I created the subdomain. I forgot how to fix that again. It doesn't make a default htaccess file in the root of the subdomain, is that the main issue using the Apache setup?

I get the 503 if I have Apache enabled, but it loads perfectly if I don't.

usmannasir commented 3 months ago

I have reset my server, but let's close this issue.

I will check with Apache as well. We can create a separate issue for Apache.

master3395 commented 3 months ago

It seems that the CloudFlare SSL isn't issued after all in 2.3.5 :/ Even with Apache disabled. I have tried SSL and SSLV2. They say the SSL is already pushed, and I can understand that, if it's pushed from CloudFlare. But if I turn off CloudFlare, I get this error, saying not private connection: [image]

master3395 commented 3 months ago

I think I've found an issue when adding a new domain in 2.3.5, it does not create the vhssl part in the vhost. I took the one from api.newstargeted.com, and it loaded perfectly with letsencrypt, but sadly CloudFlare is still broken. https://www.diffchecker.com/dB3WZtFA/

vhssl  {
  keyFile                 /etc/letsencrypt/live/api.newstargeted.com/privkey.pem
  certFile                /etc/letsencrypt/live/api.newstargeted.com/fullchain.pem
  certChain               1
  sslProtocol             24
  enableECDHE             1
  renegProtection         1
  sslSessionCache         1
  enableSpdy              15
  enableStapling           1
  ocspRespMaxAge           86400
}

master3395 commented 3 months ago

@usmannasir I don't think we were done here. I saw that letsencrypt is now missing on 2.3.5 domain and sub-domain creation, making all letsencrypt SSLs invalid for every domain, unless you add the code above to your vhost. It also invalidates all SSLs, even Cloudflare SSLs with the cloud.
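
Added example, not part of the original thread and not CyberPanel code: a small checker for the condition reported above. It reports a vhost config with no `vhssl` block, and flags `keyFile`/`certFile` paths that sit under another domain's `/etc/letsencrypt/live/` directory, as happens when a block is copied between vhosts. The function names, the `example.test` domains and the sample configs are constructed for illustration; the caller is assumed to pass the vhost config contents as text.

```python
import re

# Constructed sample vhost configs (not taken from a real server).
VHOST_WITH_SSL = """\
docRoot                   $VH_ROOT/public_html
vhDomain                  $VH_NAME

vhssl  {
  keyFile                 /etc/letsencrypt/live/api.example.test/privkey.pem
  certFile                /etc/letsencrypt/live/api.example.test/fullchain.pem
  certChain               1
  sslProtocol             24
}
"""
VHOST_WITHOUT_SSL = "docRoot                   $VH_ROOT/public_html\n"

# Body of the vhssl block: everything up to the next line holding only "}".
BLOCK_RE = re.compile(r"^\s*vhssl\s*\{(.*?)^\s*\}", re.S | re.M)
# Certificate name component of a Let's Encrypt live path.
LIVE_RE = re.compile(r"/etc/letsencrypt/live/([^/]+)/")

def parse_vhssl(conf_text):
    """Return the vhssl directives as a dict, or None if the block is absent."""
    m = BLOCK_RE.search(conf_text)
    if m is None:
        return None
    directives = {}
    for line in m.group(1).splitlines():
        parts = line.split(None, 1)  # directive name, then its value
        if len(parts) == 2:
            directives[parts[0]] = parts[1].strip()
    return directives

def audit_vhost(domain, conf_text):
    """List TLS findings for one vhost; an empty list means nothing to review."""
    ssl = parse_vhssl(conf_text)
    if ssl is None:
        return ["no vhssl block: vhost has no certificate configured"]
    findings = []
    for key in ("keyFile", "certFile"):
        path = ssl.get(key)
        if not path:
            findings.append(f"{key} missing from vhssl block")
            continue
        m = LIVE_RE.search(path)
        if m and m.group(1) != domain:  # block likely copied from another vhost
            findings.append(f"{key} uses certificate directory of {m.group(1)}, not {domain}")
    return findings
```

A flagged path is something to review rather than a failure: a certificate issued with several names can legitimately live under a different domain's directory.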

usmannasir commented 3 months ago

vhssl part is added when you issue SSL. I am getting confused here..

This happens only when you use apache?

usmannasir commented 3 months ago

Fixed now.