I just started a new job and I need to update my ssl certificate.
My previous colleague did not leave behind any doumantation about the ssl certificate process unfortunately.
Currently I have managed to find out the following:
I have a ngix webserver on which I can’t apply for SSL certificates and
update because it is running Debian 8 and therefore does not support certbot.
The SSL certificate enrollment and update is done manually on another server running hestia.
I found the Hestia control panel, I managed to enter the web admin interface where
tried to update the ssl certificate to the ok.gdszeged.hu domain but failed.
I got the following error messages.
What do I need to configure to make the ssl certificate capture work?
Your web server is waiting to https request on port 80 and that is the root cause for the error:
curl -ikL http://ok.gdszeged.hu/.well-known/acme-challenge/test
HTTP/1.1 400 Bad Request
Server: nginx/1.6.2
Date: Tue, 06 Feb 2024 14:38:47 GMT
Content-Type: text/html
Content-Length: 270
Connection: close
<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.6.2</center>
</body>
</html>
Modify the web server conf for domain ok.gdszeged.hu so it doesn’t use https on port 80.
In January we had to replace our old router in the office, I don’t know if there was some kind of setting for this e.g. NAT ?
The ip address 195.199.154.115 is the wan interface address on my router and 92.249.176.75 is the external address of my webserver.
In Hestia by default I can only select the ip address 195.199.154.115.
