Poxa with Certbot letsencrypt problem
shincha3517 opened this issue · 5 comments
I tried to configure Poxa with SSL using certbot but got the error below.
Poxa.conf

```
# HTTPS port
# If not set, will use value of SSL_PORT environment variable
poxa.ssl.port = 443
# PEM-encoded CA certificate path
# If not set, will use value of SSL_CACERTFILE environment variable
#poxa.ssl.cacertfile = "/etc/letsencrypt/live/mydomain.com/fullchain.p$
# Path to user certificate
# If not set, will use value of SSL_CERTFILE environment variable
poxa.ssl.certfile = "/etc/letsencrypt/live/mydomain.com/cert.pem"
# Path to the file containing the user's private PEM-encoded key
# If not set, will use value of SSL_KEYFILE environment variable
poxa.ssl.keyfile = "/etc/letsencrypt/live/mydomain.com/privkey.pem"
```
Console

```
ubuntu@ip:~/poxa$ sudo _build/prod/rel/poxa/bin/poxa console
==> Generated sys.config in /home/ubuntu/poxa/_build/prod/rel/poxa/var
Erlang/OTP 20 [erts-9.2] [source] [64-bit] [smp:1:1] [ds:1:1:10] [async-threads:10] [kernel-poll:false]
14:27:36.943 [info] Starting Poxa, app_id: 5371F5AFFC91E on port 8080
14:27:36.944 [info] Starting Poxa using SSL on port 443
Interactive Elixir (1.5.0) - press Ctrl+C to exit (type h() ENTER for help)
iex(poxa@127.0.0.1)1>
14:27:41.426 [info] ['TLS', 32, 'server', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'certify', 32, 'received CLIENT ALERT: Fatal - Certificate Unknown', 10]
14:27:56.437 [info] ['TLS', 32, 'server', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'certify', 32, 'received CLIENT ALERT: Fatal - Certificate Unknown', 10]
```
Client

```js
window.Echo = new Echo({
    broadcaster: 'pusher',
    wsHost: 'my-ip',
    wsPort: '8080',
    wssPort: '443',
    key: 'CfZddsmd9UGss',
    cluster: 'mt1',
    encrypted: true,
    authEndpoint: '/channel/broadcasting/auth',
    disableStats: true,
    enabledTransports: ['ws', 'wss'],
});
```

Browser

```
WebSocket connection to 'wss://my-ip/app/CZddm9UGss?protocol=7&client=js&version=4.4.0&flash=false' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
```
Can anyone help me out?
Hey @daoanhvuacc, how do I easily replicate this issue? :D
Hi @edgurgel ,
Can you look at my Poxa.conf file and let me know if it was configured correctly with:

```
poxa.ssl.cacertfile = "/etc/letsencrypt/live/mydomain.com/fullchain.pem
poxa.ssl.certfile = "/etc/letsencrypt/live/mydomain.com/cert.pem"
poxa.ssl.keyfile = "/etc/letsencrypt/live/mydomain.com/privkey.pem"
```

The console log is:

```
14:27:56.437 [info] ['TLS', 32, 'server', 58, 32, 73, 110, 32, 115, 116, 97, 116, 101, 32, 'certify', 32, 'received CLIENT ALERT: Fatal - Certificate Unknown', 10]
```
Do you need more info to replicate my issue?
Well, easily replicating the issue usually means an easy way to run on my machine without a lot of setup.
Just by guessing... can you try using single quotes to define the ssl files?
I think this has to be an "erlang string" instead of an Elixir string.

```
poxa.ssl.cacertfile = '/etc/letsencrypt/live/mydomain.com/fullchain.pem'
poxa.ssl.certfile = '/etc/letsencrypt/live/mydomain.com/cert.pem'
poxa.ssl.keyfile = '/etc/letsencrypt/live/mydomain.com/privkey.pem'
```
I also got the same error. Can you tell me how to fix it? Thank you very much!
Environment variables:

```
POXA_SSL="true"
SSL_PORT="8443"
SSL_CACERTFILE="/etc/letsencrypt/live/vnpsever.com/fullchain.pem"
SSL_CERTFILE="/etc/letsencrypt/live/vnpsever.com/cert.pem"
SSL_KEYFILE="/etc/letsencrypt/live/vnpsever.com/privkey.pem"
```
Error: TLS :server: In state :wait_finished received CLIENT ALERT: Fatal - Certificate Unknown