SSl configuration error


I just started a new job and I need to update my ssl certificate.
My previous colleague did not leave behind any doumantation about the ssl certificate process unfortunately.

Currently I have managed to find out the following:
I have a ngix webserver on which I can’t apply for SSL certificates and
update because it is running Debian 8 and therefore does not support certbot.
The SSL certificate enrollment and update is done manually on another server running hestia.

I found the Hestia control panel, I managed to enter the web admin interface where
tried to update the ssl certificate to the domain but failed.

I got the following error messages.

What do I need to configure to make the ssl certificate capture work?

Thanks for your help.

Your web server is waiting to https request on port 80 and that is the root cause for the error:

curl -ikL
HTTP/1.1 400 Bad Request
Server: nginx/1.6.2
Date: Tue, 06 Feb 2024 14:38:47 GMT
Content-Type: text/html
Content-Length: 270
Connection: close

<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>

Modify the web server conf for domain so it doesn’t use https on port 80.

1 Like

First issue is that the domain points to instead of the ip shown in the image

2nd issue: Debian 8 is not supported any more but when we added the error message Debian 8 was also not supported any more.


In January we had to replace our old router in the office, I don’t know if there was some kind of setting for this e.g. NAT ?
The ip address is the wan interface address on my router and is the external address of my webserver.
In Hestia by default I can only select the ip address

If you have replaced the router you need to reconfigure the nat config so the mapping is working again.

1 Like

I will try it
Do you have to modify the ACLs in such cases ?

Depends on the router is is not related to Hestia it self…