search

zodern / meteor-up

Production Quality Meteor Deployment to Anywhere
http://meteor-up.com/
MIT License
1.28k stars 279 forks source link

HTTPS error #1293

Open engenheiro opened 2 years ago

engenheiro commented 2 years ago

Mup version (mup --version): 1.5.5

Mup config

{
  "servers": {
    "one": {
      "host": "1.2.3.4",
      "username": "root",
      "password": "password"
    }
  },
  "app": {
    "name": "my-app",
    "path": "../",
    "servers": {
      "one": {}
    },
    "buildOptions": {
      "serverOnly": true,
      "buildLocation": "C:\\Users\\Rodrigo\\AppData\\Local\\Temp\\mup-meteor-1b24df95-00bb-435c-9a5b-4a736bda5aa4",
      "cleanBuildLocation": true
    },
    "env": {
      "ROOT_URL": "https://subdomain.subdomain.host.com",
      "MONGO_URL": "mongodb://mongodb:27017/my-app",
      "MONGO_OPLOG_URL": "mongodb://mongodb/local",
      "VIRTUAL_HOST": "subdomain.subdomain.host.com",
      "HTTPS_METHOD": "noredirect",
      "LETSENCRYPT_HOST": "subdomain.subdomain.host.com",
      "LETSENCRYPT_EMAIL": "email@domain.com",
      "VIRTUAL_PORT": 3000,
      "HTTP_FORWARDED_COUNT": 1
    },
    "docker": {
      "image": "zodern/meteor:root",
      "stopAppDuringPrepareBundle": true,
      "imagePort": 3000,
      "args": [
        "--link=mongodb:mongodb"
      ]
    },
    "enableUploadProgressBar": true,
    "type": "meteor"
  },
  "mongo": {
    "version": "3.4.1",
    "servers": {
      "one": {}
    },
    "dbName": "viajepark"
  },
  "proxy": {
    "domains": "subdomain.subdomain.host.com",
    "ssl": {
      "letsEncryptEmail": "email@domain.com"
    }
  }

Output of command

HTTPS ERROR:

NET::ERR_CERT_AUTHORITY_INVALID

OBS.: I tried several times. I changed server, domain, different versions of Meteor and even the MUP and it always returned the same HTTPS certification error. I even tried to upload a new project that had worked with the same settings and the error persisted.

mikkelking commented 2 years ago

I'm not sure if this is the same problem Clicking on the warning triangle I get this

image

and then clicking on the "Certificate is not valid" I get

image

Your mup file looks similar to mine, except I don't have ENV vars for LETSENCRYPT_HOST and _EMAIL and I do have 

    shared: {
      env: {
        DEFAULT_HOST: 'app.settleeasy.com',
      },
    },

in the proxy section

So it looks like the cert is being generated using a root certificate which is not valid. Not sure how to change this.

I tried upgrading to mup 1.5.7 and stopping it and doing a mup setup again without success

mikkelking commented 2 years ago

False alarm. It turns out that the IP Address of one of the domains listed was not pointing to this server. Once I corrected that mistake and did a mup reconfig then it all came good.

A bit of an obscure issue, I wonder if an error could be generated somewhere along the line, because the "invalid root certificate" was a real red herring.

matt-dale commented 2 years ago

In case others hit these issues, use this command for troubleshooting:

mup proxy logs-le

It helps find issues with certificate generation/verification.