Welcome to novaBBS (click a section below)
|mail  files  register  newsreader  login|
I've been using letsencrypt for a while now, and haven't had much trouble. The only issue I've had in the past is it sometimes doesn't seem to know where to find the web root and then can't update. Most likely some issue I've caused.
Today I installed a cert on a server using certbot, which is how I normally do it, and it seemed to all go well, but the cert wasn't recognized. After wasting probably 30 minutes wondering why rslight was rejecting the cert I tried it with nginx, which also rejected it.
It turned out that 'fullcert.pem' (created during cert install), did not actually contain the full cert. It only contained the chain and not the cert. This is different than how I've ever seen it install. The file fullchain.pem and chain.pem were identical.
I had to:
cat cert.pem chain.pem >> fullchain.pem
and then I had a proper file, and it works fine now. I just don't know why it installed that way. Hopefully it won't break in an update.
Posted on: RetroBBS