-
-
Notifications
You must be signed in to change notification settings - Fork 6.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"503 Remote SSL cert could not be verified" when trying to fed with mastodon.social, but not other instances #6449
Comments
There's an issue with your TLS/SSL configuration. Your web server is sending your server certificate, but it's not sending the intermediate certificate that would "chain" your server certificate back to a trusted root certificate. Most web browsers will fetch those intermediate certificates behind the scenes or have them already cached from other sides, but other TLS clients (such as the one used by Mastodon) will not do this and fail to build a trust chain. If you used certbot to obtain your certificate, the fix is to point the You can verify your fix (and possibly find other configuration issues) using SSL Labs. Your current problem would be the "Chain issues | Incomplete" part. |
That worked like a charm, thank you! This is my first time managing SSL certs, I appreciate the informative response. |
So... How can I debug this further? asking todon.nl to check their logs? |
Did you run SSL Labs on your instance yet? That'll reveal the most common SSL/TLS configuration issues such as the missing intermediate/chain certificate problem the OP ran into. (If there's nothing obvious in the result, please share the instance domain for further debugging.) |
I am having trouble with this, too. |
I'm seeing the same issue today. My instance is activity.cyborch.com and ssl labs report is green for me too. This issue has been around for a very long time. Was a fix or a workaround ever found? |
I have the issue as well. Just trying to bump this. My instance is gaymedmastadon.social, and SSL labs report is also green. |
I am building an instance at left.community and I'm testing federation. Federating with most servers works, but when I try to @ a user on mastodon.social from left.community, no posts are loaded and a big blob of text is dumped to the system journal. When I try to @ left.community from mastodon.social, I get the error in the title: "503 Remote SSL cert could not be verified."
I don't seem to have any SSL issues when connecting to other domains, such as cybre.space. So is the issue on my server or on mastodon.social?
The error generated on my server when trying to contact mastodon.social is, frankly, enormous, so I'm uploading it in a text file.
errorlog.txt
master
(If you're a user, don't worry about this).The text was updated successfully, but these errors were encountered: