[NCP, Letsencrypt cert] Selfsigned cert despite letsencrypt cert is active

SHA_ndy · November 12, 2023, 4:57pm

Hi all,

I’m using NCP version 1.52.4 with Nextcloud 27.1.3.2.
I recently moved my Installation to a VM and had some issues installing it but now everything works fine.

My problem is that when I connect to my instance (reachable over the internet) my browser says that the site uses a self signed certificate that’s not trusted.
I issued a letsencrypt certificate via the webinterface of NCP Panel several times without an error. But it seems that the certificate isn’t used with my Nextcloud.

How can I figure out which cert is used for my Nextcloud site with apache?

Thanks.

SHA_ndy · November 12, 2023, 5:45pm

I could figure out the location of the apache .conf file for nextcloud. The cert path was pointing to a local cert called “snakeoil” or so.
I don’t understand why the path wasn’t replaced with the one issued for letsencrypt. Manually replacing it works but I don’t know if it is replaced again by some other process in the future. Weird.

ernolf · November 12, 2023, 6:04pm

You replaced the le-certificates or did you change the path in the apache conf?

in apache.conf the pathes must be like:

    SSLCertificateFile /etc/letsencrypt/live/<yourdomain.tld>/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/<yourdomain.tld>/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf

Those two pathes to the live directory are symlinks pointing to the latest certificates installed by certbot.

Much luck,
ernolf

SHA_ndy · November 12, 2023, 6:49pm

I replaced the paths in the config file.
Thanks, hope it’s preserved over time.

system · November 20, 2023, 6:50pm

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.