Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  newsreader  login

Etiquette is for those with no breeding; fashion for those with no taste.

rocksolid / Linux / letsencrypt.org

SubjectAuthor
o letsencrypt.orgRetro Guy

1
letsencrypt.org
  rocksolid.shared.linux
Path: i2pn2.org!rocksolid3!.POSTED.localhost!not-for-mail
From: retro....@retrobbs.rocksolidbbs.com.remove-itw-this (Retro Guy)
Newsgroups: rocksolid.shared.linux
Subject: letsencrypt.org
Date: Thu, 10 Sep 2020 09:14:49 +0000
Organization: RetroBBS
Message-ID: <3752a314970b003c1bc123b882af8d33$1@www.rocksolidbbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: rocksolidbbs.com; posting-host="localhost:127.0.0.1";
logging-data="420"; mail-complaints-to="usenet@rocksolidbbs.com"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
To: rocksolid.shared.linux
X-Comment-To: rocksolid.shared.linux
X-FTN-PID: Synchronet 3.17a-Linux Dec 29 2018 GCC 6.3.0
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on rocksolidbbs.com
X-Rslight-Site: $2y$10$LUBI0pYrAjy.6PW28WF23uyliq.QHQp5.dTrprlKUEZbV81riRT3O
X-Gateway: retrobbs.rocksolidbbs.com [Synchronet 3.17a-Linux NewsLink 1.110]
Xref: rslight rocksolid.shared.linux:66
 by: Retro Guy - Thu, 10 Sep 2020 09:14 UTC

To: rocksolid.shared.linux
I've been using letsencrypt for a while now, and haven't had much trouble. The only issue I've had in the past is it sometimes doesn't seem to know where to find the web root and then can't update. Most likely some issue I've caused.

Today I installed a cert on a server using certbot, which is how I normally do it, and it seemed to all go well, but the cert wasn't recognized. After wasting probably 30 minutes wondering why rslight was rejecting the cert I tried it with nginx, which also rejected it.

It turned out that 'fullcert.pem' (created during cert install), did not actually contain the full cert. It only contained the chain and not the cert. This is different than how I've ever seen it install. The file fullchain.pem and chain.pem were identical.

I had to:
cat cert.pem chain.pem >> fullchain.pem
and then I had a proper file, and it works fine now. I just don't know why it installed that way. Hopefully it won't break in an update.

Retro Guy

--
Posted on: RetroBBS
www.rocksolidbbs.com

1
server_pubkey.txt

rocksolid light 0.9.1
clearnet tor