Connection refused after adding valid SSL certifiacate

Hello,

I installed my own SSL certificate for the HestiaCP web admin. I used the website https://zerossl.com to generate a Let’s Encrypt certificate and then I put it to the admin panel settings. After clicking save, the panel started to refuse my connection. Websites are online, but the admin panel is not reachable as you can see on the screen I attached.

Please add an option for the panel to generate the LE cert of itself (using the port 80 on the same domain name as the panel hostname is) so it will be under a valid SSL certificate.

Can we figure it out somehow? Thank you!

Hi

Thanks for your request.

We’ve just released today a new version of hestia (1.0.1), can you do a apt update && apt upgrade to get the latest version?

With this version you will have a new function called v-add-letsencrypt-host, just run it without any additional arguments. It will create you a domain based on your hostname, generate a let’s encrypt cert and will use it for the backend and other services automatically.

That’s cool!

I updated, upgraded and run the function, but there is still “connection refused” as it was before. I am afraid, the cert broke the backend webserver for some reason.

There was no error when running v-add-letsencrypt-host, but it’s still not working :confused:

Can you do a service hestia restart?

Of course!

Still no change? Can you check the log somewhere in /usr/local/hestia/log (maybe also inside the nginx directory)? Basicly it loads the certs from /usr/local/hestia/ssl, you could overwrite them with a self signed one.

NGINX Error log: https://pastebin.com/B7jJqpVS

Message from error.log:

2019-06-25 19:50:27 v-delete-web-domain-ssl  'admin' 'hestia.olimpex.ovh' [Error 3]

And from older error.log:

2019-04-24 13:19:37 v-change-sys-ip-nat  '94.23.173.154' 'File' 'not' 'found.' [Error 2]
2019-04-24 13:25:21 v-add-letsencrypt-domain  'admin' 'hestia.olimpex.ovh' 'www.hestia.olimpex.ovh' 'no' [Error 15]

System.log: https://pastebin.com/RHQm4k6g

I see some error in the error.log, but not sure what that means. I will let you to the server if it help to you :slight_smile:

Send us a mail to [email protected] all credentials for your server, admin and root user. I will check it tomorrow.

OK, thank you. I will send you an email but please, send me back your public RSA key as I don’t use root login password. That will be safer and faster :slight_smile:

Mail sent :slight_smile:

Removed webdomain with www-alias, runned v-add-letsencrypt-host.