Link trusted (let's encrypt) SSL certificates

When I try to restart Cady, it produces several issues, thus I can’t figure out how to link my Let’s Encrypt SSL certificate to my server.

It returns: “Status: loading new config: loading http app module: provision http: getting tls app: loading tls app module: provision tls: loading certificates: open /etc/let>”

This is the config for SSL:
tls /etc/letsencrypt/live/netverses.com/cert.pem /etc/letsencrypt/live/netverses.com/privkey.pem is the SSL configuration.

Please fill out the help template you deleted when posting the topic. We cannot help you without that information.

3 Likes

Those are not paths that Caddy manages.

Your question doesn’t make sense. We need you to fill out the help topic template as per the forum rules, and elaborate on what the problem is. We don’t understand your question.

2 Likes

Hello @Xenon_Corps,

I am assuming the HTTP-01 challenge of the Challenge Types - Let's Encrypt is being used.

Using the online tool Let’s Debug yields these results of a WARNING.
https://letsdebug.net/netverses.com/2014538

CloudflareCDN
WARNING
The domain netverses.com is being served through Cloudflare CDN. Any Let's Encrypt certificate installed on the origin server will only encrypt traffic between the server and Cloudflare. It is strongly recommended that the SSL option 'Full SSL (strict)' be enabled.
https://support.cloudflare.com/hc/en-us/articles/200170416-What-do-the-SSL-options-mean-

Also Let’s Encrypt will choose the IPv6 Address over the IPv4 Address if both are available.

image

image

1 Like

And another thing:
Testing and debugging are best done using the Staging Environment as the Rate Limits are much higher.

And this
https://tools.letsdebug.net/cert-search?m=domain&q=netverses.com&d=168
shows

1 Like

I’m so sorry about that, I didn’t notice. So, your answer was actually true. Once I switched the paths to the SSL directory, Caddy managed to serve the SSL certificates.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.