"Error: SSL intermediate chain is not valid" - external CRT installed

Admininter · March 11, 2022, 10:45am

I followed your FAQ, but it didnt help.
I try to install my external SSL certyficate. I get the CRT, KEY, CA and put it in the fields hestiaCP.
The error appear: “Error: SSL intermediate chain is not valid”

Cloudflare proxy is disabled
cloudflare in development mode (bypass cache)
try to reboot system,

The same problem is when I try to put another SSL certyficate to subdomain: “mail.”

liamgibbins · May 3, 2022, 8:54pm

I have moved my domains to my home server (fresh install) and ran v-restore-user, I get exactly the same when trying to create a self signed certificate for the my new domain.

this is what I get in the error.log

v-add-web-domain-ssl  'User' 'tempest-solutions.org.uk' '/tmp/tmp.YYEKJev2nC' 'same' 'no' [Error 3]

KatyComputer · July 1, 2022, 2:46am

I am seeing the same issue, using gui or v-add-web-domain-ssl.

I have verified the Cloudflare root certificate is the same certificate used previously by comparing it to files stored in /home/user/conf/web/domain.com/ssl/

I am using this value for the CloudFlare SSL Certificate Authority:
-----BEGIN CERTIFICATE-----
MIIEADCCAuigAwIBAgIID+rOSdTGfGcwDQYJKoZIhvcNAQELBQAwgYsxCzAJBgNV
BAYTAlVTMRkwFwYDVQQKExBDbG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91
ZEZsYXJlIE9yaWdpbiBTU0wgQ2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQH
Ew1TYW4gRnJhbmNpc2NvMRMwEQYDVQQIEwpDYWxpZm9ybmlhMB4XDTE5MDgyMzIx
MDgwMFoXDTI5MDgxNTE3MDAwMFowgYsxCzAJBgNVBAYTAlVTMRkwFwYDVQQKExBD
bG91ZEZsYXJlLCBJbmMuMTQwMgYDVQQLEytDbG91ZEZsYXJlIE9yaWdpbiBTU0wg
Q2VydGlmaWNhdGUgQXV0aG9yaXR5MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRMw
EQYDVQQIEwpDYWxpZm9ybmlhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAwEiVZ/UoQpHmFsHvk5isBxRehukP8DG9JhFev3WZtG76WoTthvLJFRKFCHXm
V6Z5/66Z4S09mgsUuFwvJzMnE6Ej6yIsYNCb9r9QORa8BdhrkNn6kdTly3mdnykb
OomnwbUfLlExVgNdlP0XoRoeMwbQ4598foiHblO2B/LKuNfJzAMfS7oZe34b+vLB
yrP/1bgCSLdc1AxQc1AC0EsQQhgcyTJNgnG4va1c7ogPlwKyhbDyZ4e59N5lbYPJ
SmXI/cAe3jXj1FBLJZkwnoDKe0v13xeF+nF32smSH0qB7aJX2tBMW4TWtFPmzs5I
lwrFSySWAdwYdgxw180yKU0dvwIDAQABo2YwZDAOBgNVHQ8BAf8EBAMCAQYwEgYD
VR0TAQH/BAgwBgEB/wIBAjAdBgNVHQ4EFgQUJOhTV118NECHqeuU27rhFnj8KaQw
HwYDVR0jBBgwFoAUJOhTV118NECHqeuU27rhFnj8KaQwDQYJKoZIhvcNAQELBQAD
ggEBAHwOf9Ur1l0Ar5vFE6PNrZWrDfQIMyEfdgSKofCdTckbqXNTiXdgbHs+TWoQ
wAB0pfJDAHJDXOTCWRyTeXOseeOi5Btj5CnEuw3P0oXqdqevM1/+uWp0CM35zgZ8
VD4aITxity0djzE6Qnx3Syzz+ZkoBgTnNum7d9A66/V636x4vTeqbZFBr9erJzgz
hhurjcoacvRNhnjtDRM0dPeiCJ50CP3wEYuvUzDHUaowOsnLCjQIkWbR7Ni6KEIk
MOz2U0OBSif3FTkhCgZWQKOOLo1P42jHC3ssUZAtVNXrCk3fw9/E15k8NPkBazZ6
0iykLhH1trywrKRMVw67F44IE8Y=
-----END CERTIFICATE-----

Any idea what’s going on?
Hestia: v1.6.2
Debian: v11.3

KatyComputer · July 4, 2022, 10:58am

I deleted the “Verifications” section of /usr/local/hestia/bin/v-add-web-domain-ssl

Now all is well. There is a bug in there somewhere, I don’t have the chops to figure out where.

eris · July 4, 2022, 11:48am

github.com/hestiacp/hestiacp

[Bug] SSL is not installing

opened 07:54PM - 01 Jul 22 UTC

RitZz48

bug

### Describe the bug https://user-images.githubusercontent.com/102799834/17…6957437-6c421323-f4ee-47e0-bdeb-3bdad24aaf06.mp4 Issue with CloudFlare SSL installation for the panel subdomain. Whenever I try to save it, it prints successful but doesn't save the SSL. as shown in the video above. ### Tell us how to replicate the bug Not sure, But since its occuring to me whenever I try to add Cloudflare SSL. I assume it'll be the same for you? ### Which components are affected by this bug? Control Panel Backend, Control Panel Installation or Upgrade, Control Panel Web Interface, Let's Encrypt SSL ### Hestia Control Panel Version 1.6.2 ### Operating system Ubuntu 20.04.4 LTS ### Log capture _No response_

system · August 3, 2022, 11:48am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.