New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SSL certificate generation fails due to renewal, but CLI thinks everything is okay and continues #309
Comments
I mean technically if the certificate already exists, then the setup should still work. Gonna update the error handling to not output the "renewal" line though - might be confusing. |
closes TryGhost#309 - if a user deletes their instance and recreates it with the same domain, then acme will fail to generate the certificate because it already exists & is not due for renewal. We work around this issue by looking for the error and copying the right keys if it already exists
closes TryGhost#309 - if a user deletes their instance and recreates it with the same domain, then acme will fail to generate the certificate because it already exists & is not due for renewal. We work around this issue by looking for the error and copying the right keys if it already exists
closes #309 - if a user deletes their instance and recreates it with the same domain, then acme will fail to generate the certificate because it already exists & is not due for renewal. We work around this issue by looking for the error and copying the right keys if it already exists
Hello Ghost team. I'm having issues with this. I ran a failed install (bad mysql settings) but it got to generate a cert. I deleted the ghost instance then tried to run the installer again and keep failing on ssl params file. What is the best fix to delete the cert and regenerate with ghost? Actually think I might have hit the letsencrypt rate limit |
@mathewtrivett there's some fixes in master that should be able to help - there will be a new version of the CLI released today so you should be able to get the fixes in a bit. |
Grand, well i'll get it setup without SSL for now. Download the new CLI in 5 days or so and run the setup-ssl program. :) And sorry to jump into pull request comments, just wasn't sure where to put it. |
I ran into the following situation.
I was prompted for ssl certificate generation and hitted "yes"
But a warning popped up Certificate not due for renewal yet, skipping.
The CLI continued with trying to generate the certificate and then it prompted me for ssl parameter file generation, i hitted yes (i knew this is going to fail).
Then i ran into:
I had to manually delete the ssl setup from my nginx config and restart Ghost.
This was caused by a rate limit from Letsencrypt.
What's weird here is that the CLI continues trying to generate my ssl certificate and then it prompts me for ssl parameter generation, but the ssl certificate was never created.
The text was updated successfully, but these errors were encountered: