Opened 2 weeks ago

Last modified 2 weeks ago

#14445 assigned Bug/Something is broken

Changing from our own cert to Lets Encrypt

Reported by: https://id.mayfirst.org/wespac Owned by: https://id.mayfirst.org/jaimev
Priority: Medium Component: Tech
Keywords: Cc: daniel.strum@…
Sensitive: no

Description

Hi Folks,

Our SSL certificate from Comodo for wespac.org is about to expire. I followed the instructions to change to LetsEncrypt but it brought the website down (got the server's default page). I followed the instuctions here: https://support.mayfirst.org/wiki/faq/security/setup-certificate

I figure it is probably because a cron job needs to run before the new cert is generated. If this is so, how often does that job run. If this is not the case, can you please take a look and see why just removing the certificate paths did not work as described.

Also, we have a dev site that we keep password protected (dev.wespac.org). Will LetsEncrypt work there also?

Thanks, Daniel for WESPAC

Change History (1)

comment:1 Changed 2 weeks ago by https://id.mayfirst.org/jaimev

  • Owner set to https://id.mayfirst.org/jaimev
  • Status changed from new to assigned

The certificate generation process should happen quickly however in this case it seems your domains wespac.org and www.wespac.org are not pointing directly to the ip of your MayFirst host server mandela.mayfirst.org. They seem to be routing through an external service like Cloudflare. If this is the case you will need to configure your Cloudflare account to allow both http and https traffic for both domains before attempting to generate the LetsEncrypt cert. Once the cert is generated you can set Cloudflare to redirect http to https again.

Please login to add comments to this ticket.

Note: See TracTickets for help on using tickets.