eris
August 14, 2022, 7:04am
38
What OS. version do you use?
opened 11:57PM - 27 Dec 20 UTC
closed 10:00PM - 13 Jan 21 UTC
bug
web
### In a few words, please describe the issue that you're experiencing:
Trying … to enable a Let's Encrypt SSL certificate for the site, I keep getting the error "Error code: 15". Using the `v-add-letsencrypt-domain` command also fails.
### What steps did you take when the issue occured?
1. Logging in to Hestia
2. Open the configuration of any site without SSL certificate
3. Press "Use Lets Encrypt to obtain SSL certificate" and then "Save".
4. I get the error `Error code: 15`
### Expected behavior:
SSL certificated should have been configured successfully
### Operating system:
Ubuntu 16.04.7 LTS
### Hestia Control Panel version:
1.3.2
### Additional notes:
Actually, I was able to find the cause of this error on my own and fix it. I need help from someone who knows more about bash-scripting than I do, to help me write a fix.
### The situation is as follows:
When using the `v-add-letsencrypt-domain` script, we may see a message like `curl: option --retry-connrefused: is unknown`.
![image](https://user-images.githubusercontent.com/1726455/103181856-9ff3da80-48ae-11eb-8c4a-a99a23b1d833.png)
This is because curl version **7.47.0** is in the Ubuntu 16.04.7 repositories, but the `--retry-connrefused` option was added in version **7.52.0**
![image](https://user-images.githubusercontent.com/1726455/103181928-4fc94800-48af-11eb-9f61-0b95621b9db4.png)
If you remove the `--retry-connrefused` parameter on the next line, everything works fine!
https://github.com/hestiacp/hestiacp/blob/4b4edd540ffde7f17a364aa3911c11b71b477eab/bin/v-add-letsencrypt-domain#L58
**⚠️ I think you just need to add a check on the Ubuntu version (or curl version) and add this parameter if necessary.**
Ubuntu 16.04 is not supported
Otherwise update to the last curl version
1 Like
erwin
August 16, 2022, 8:28am
39
yes sir, this is the reason i am failed to solve this SSL problem
eris
August 16, 2022, 8:43am
40
16.04 is EOL for about 15 months we don’t support it any more suggest upgrading to a newer version
2 Likes
eris
August 16, 2022, 8:47am
41
Hi
hestia port being 2083
I’ve asked SSL to CLOUDFLARE
and i works fine for me, with HTTPS, HSTS, proxy, encryption full
before pasting the certificates in HESTIA, I had to apply this:
wget https://developers.cloudflare.com/ssl/static/origin_ca_rsa_root.pem
mv origin_ca_rsa_root.pem origin_ca_rsa_root.crt
cp origin_ca_rsa_root.crt /usr/local/share/ca-certificates
update-ca-certificates
then, copy/paste the keys from CLOUDFLARE in
admin > server > configure > SSL (the certificates won’t show after Save)
domain’s SSL certificate
in case it blocks, I try . .
v-add-letsencrypt-host
/usr/local/hestia/bin/v-add-letsencrypt-host
OR
sudo /usr/local/hestia/bin/v-update-host-certificate user sub.domain.net
reboot
eris
August 16, 2022, 8:09pm
44
It force you to use Cloudflare if you can’t / don’t want it is not an option.
User should update his server to more recent version Ubuntu 22.04 or 20.04
erwin
August 17, 2022, 2:33am
45
is there command in SSL putty , to update my ubuntu be higher ? i need suggesstion about this … if i have updatede my ubuntu… is there newest hestiacp update for new version ? or is it enough just update ubuntu only ?
eris
August 17, 2022, 5:29am
46
Yes you can update hestia the the latest version
1 Like
erwin
August 17, 2022, 10:07am
47
thks very much… i want to try
erwin
August 25, 2022, 7:07am
51
but ubuntu still on 16, not 18… is there detail command that i can follow as gudance to upgrade ?
erwin
August 25, 2022, 7:12am
54
sudo do-release-upgrade -c (command not found ) … what must i do to solve this ?
eris
August 25, 2022, 8:03am
55
Google for instruction for 16.04 their have changes been made.
erwin
August 27, 2022, 11:54pm
56
THKS SSL is clear after i update UBUNTU 22