Closed RockWest closed 3 years ago
You just need to use the fullchain.pem
instead of the cert.pem
, really simple.
There is two ways to do this:
cert.pem
and rename fullchain.pem
to cert.pem
; ORX509_CRT=/certs/fullchain.pem
I can connect to etebase from the android client, although I need to manually approve the certificate as the chain is missing.
And will fix your mobiles client problems too
Closing this for now, but feel free to ask for help here
Well that was so simple I didn't even consider it.
Thanks you very much, worked perfectly.
I trying to setup etebase over SSL using Let's Encrypt certificates, I have the folder mounted in the container with the privkey.pem, fullchain.pem and cert.pem certificates.
I have the X509_CRT and X509_KEY env variables set, and it workx as expected. I can connect to etebase from the android client, although I need to manually approve the certificate as the chain is missing. I can navigate to the etebase "It Work's" website, and the browser recognizes the correct SSL certificates. All good, super easy to setup, thanks a bunch!
When trying to connect to etebase from the etesync-dav client I get the following error:
unable to get local issuer certificate
Based on my research on SSL chains, (prompted by my initial post over on etesync-dav). I think I need to add the fullchain.pem certificate to the etebase configuration so that it can server the intermediate LetsEncrypt certificate to the etesync-dav client. However I don't see any envriomental variables in the docs that supports this.
Is this not supported, not documented, or am I fundamentally misunderstanding the issue?
Thanks for your time.