both tests fails :
- from a dev machine in http syncing to an emoncms install running in https
- from an emoncms install running in https to another one
the installs running emoncms in https use nginx as proxy and do not have the fullchain certificate. With apache cert is enough but nginx needs fullchain
first step is so to try with a fullchain certificate and to test communicating with openssl
openssl s_client -connect ceremace.duckdns.org:3443 -showcerts
openssl s_client -CAfile cacert.pem -connect ceremace.duckdns.org:3443 -showcerts
to produce fullchain with acme use the following option :
--fullchain-file "/path/to/server/fullchain.pem"
https://github.com/dromotherm/sandbox/tree/master/security#generate-a-certificate
both tests fails :
the installs running emoncms in https use nginx as proxy and do not have the fullchain certificate. With apache cert is enough but nginx needs fullchain
first step is so to try with a fullchain certificate and to test communicating with openssl
to produce fullchain with acme use the following option :
https://github.com/dromotherm/sandbox/tree/master/security#generate-a-certificate