
Custom SSL certificates not working correctly #237


Closed
xorinzor opened this issue Nov 11, 2019 · 5 comments
xorinzor commented Nov 11, 2019

Adding Let's Encrypt certificates works great, but custom certificates are having quite a few issues.

  1. Only RSA seems to be supported; trying to add a certificate from Cloudflare using the ECDSA algorithm throws an error when you try to add it, as it fails to validate the certificate. (The error can also only be viewed via the console; it's not getting returned anywhere within the web interface.)

  2. Just a visual glitch, but still confusing if you are unaware: the fields where you select a file will stay empty when a file is selected. This is just visual, because if you selected the proper key and certificate it will allow you to add the certificate.

  3. It doesn't seem to recognize the comma as a delimiter properly when entering the domain names.

And now where things really seem to go wrong:
Selecting the custom SSL certificate for a domain will return an internal server error, which will break that specific proxy host in the web interface until you manually fix it.

The reason for this is that it configures the path where it expects the certificate to be to "/etc/letsencrypt/live/" inside the "proxy_host/<id>.conf".

Which would work fine if it actually was a Let's Encrypt certificate, but our custom SSL is in a completely different location that doesn't appear to be symlinked anywhere inside the Docker container, and can only be accessed via the mount "/config" (if this has not been changed from its default value for whatever reason by the user).

As a result, any changes you attempt to make via the web interface fail as it will try to check the path of the certificate (or something similar, I can see something happening in the logs, but didn't dive too deep into it) and spit out an error.

mfjonesy commented Nov 12, 2019

I can confirm issue #2. I was going crazy trying to figure out why it wasn't letting me select the files. Good thing I saw this! However, once I added the custom SSL cert from Cloudflare, I was able to select it for my Nextcloud proxy host with no issues.

@MatthiasMT

First of all, amazing software done by the creator of this project!

Second, I can also confirm this with some logs on what's happening.

image

I'll try to see if I can get it working without the GUI, but that could take a while!


xorinzor commented Nov 13, 2019

> I'll try to see if I can get it working without the GUI, but that could take a while!

Manually editing the proxy_host/"number".conf file and changing the ssl lines to the correct path did the trick for me. You just cannot use the GUI to manage this proxy_host until the issue is fixed.

(Keep in mind you need to change the path to where the certificate files are located inside the Docker container, not the path where they're stored on the host.)
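
A check for the failure described in this thread, where a `proxy_host/<id>.conf` references certificate files under `/etc/letsencrypt/live/` that do not exist for a custom certificate. This is an added example, not code from the project or from any commenter; the directory argument, the function names and the sample file names are assumptions, and `ssl_certificate` / `ssl_certificate_key` are the standard nginx directives.

```shell
#!/bin/sh
# Added example (not project code). Run inside the container: the paths in
# proxy_host/<id>.conf are container paths, not host paths.

# check_proxy_host_certs DIR
#   DIR is the directory holding the <id>.conf files (assumption: pass the
#   location your install uses). Prints one line per ssl_certificate or
#   ssl_certificate_key path that cannot be read; returns 1 if any.
#   Limitation: paths containing spaces are not handled.
check_proxy_host_certs() {
    tab=$(printf '\t')
    out=$(
        for conf in "$1"/*.conf; do
            [ -f "$conf" ] || continue
            # Uncommented directives only; drop quotes and the trailing ';'.
            awk -v OFS='\t' '
                $1 == "ssl_certificate" || $1 == "ssl_certificate_key" {
                    p = $2; gsub(/"/, "", p); sub(/;.*$/, "", p)
                    print FILENAME ":" NR, $1, p
                }' "$conf"
        done | while IFS=$tab read -r where directive path; do
            [ -r "$path" ] || printf '%s: %s -> %s (not readable)\n' \
                "$where" "$directive" "$path"
        done
    )
    [ -z "$out" ] && return 0
    printf '%s\n' "$out"
    return 1
}

# write_sample_confs DIR: constructed sample input. 1.conf points at a
# custom certificate that exists under DIR/custom_ssl; 2.conf points at an
# /etc/letsencrypt/live/ path (placeholder name) that was never created.
write_sample_confs() {
    mkdir -p "$1/proxy_host" "$1/custom_ssl"
    : > "$1/custom_ssl/fullchain.pem"
    : > "$1/custom_ssl/privkey.pem"
    printf '  ssl_certificate %s;\n  ssl_certificate_key %s;\n' \
        "$1/custom_ssl/fullchain.pem" "$1/custom_ssl/privkey.pem" \
        > "$1/proxy_host/1.conf"
    printf '  ssl_certificate %s;\n  ssl_certificate_key %s;\n' \
        /etc/letsencrypt/live/example-placeholder/fullchain.pem \
        /etc/letsencrypt/live/example-placeholder/privkey.pem \
        > "$1/proxy_host/2.conf"
}

if [ "$#" -gt 0 ]; then check_proxy_host_certs "$1"; fi
```

A non-zero exit status means at least one host config references a certificate or key that is not present at that path inside the container.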


MatthiasMT commented Nov 13, 2019

> > I'll try to see if I can get it working without the GUI, but that could take a while!
>
> Manually editing the proxy_host/"number".conf file and changing the ssl lines to the correct path did the trick for me. You just cannot use the GUI to manage this proxy_host until the issue is fixed.
>
> (Keep in mind you need to change the path to where the certificate files are located inside the Docker container, not the path where they're stored on the host.)

Ahh, good to know it's possible and I don't have to store anything in the database?

I'll take a look tomorrow and see what I can get working, thanks xorinzor

@xorinzor

> Ahh, good to know it's possible and I don't have to store anything in the database?

I wasn't aware that a database was being used. Despite that, just manually editing the config file did the trick for me. Maybe if you edit the entry in the database it could fix some other issues, but that's just pure speculation, as I have no idea what's being stored in the database.
