Let's Encrypt Issues - 2 Layer Sub Domains
-
Hello All,
Has anyone been having issues between Cloudron and Let's Encrypt for domains that have two sub-domains, for example site-name.sub-domain.domain.tld? On initial provisioning of the app everything seems to be working smoothly, but if the app restarts or you change the location of the app, it starts generating the below error messages in Google Chrome and Firefox.Google Chrome
This site can’t provide a secure connection site.sub.domain.tld uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCHFirefox
Secure Connection Failed An error occurred during a connection to site.sub.domain.tld. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.Any help with this would be greatly appreciate!
Thank you,
Justin -
Thanks, I have seen this issue in the past with Cloudflare. This is related to Cloudflare not issuing certificates properly. If you disable Cloudflare proxying and re-enable it, it sometimes starts working. If that doesn't work, just delete the subdomain entry and add it again manually inside Cloudflare.
-
Hello All,
Has anyone been having issues between Cloudron and Let's Encrypt for domains that have two sub-domains, for example site-name.sub-domain.domain.tld? On initial provisioning of the app everything seems to be working smoothly, but if the app restarts or you change the location of the app, it starts generating the below error messages in Google Chrome and Firefox.Google Chrome
This site can’t provide a secure connection site.sub.domain.tld uses an unsupported protocol. ERR_SSL_VERSION_OR_CIPHER_MISMATCHFirefox
Secure Connection Failed An error occurred during a connection to site.sub.domain.tld. Cannot communicate securely with peer: no common encryption algorithm(s). Error code: SSL_ERROR_NO_CYPHER_OVERLAP The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem.Any help with this would be greatly appreciate!
Thank you,
Justin -
@JLX89 Which DNS backend are you using ? If it's wildcard, remember that *.domain.com only applies to one level. You have to set add a ..domain.com in the DNS for second level to work.
-
@JLX89 that should work out of the box. Do you see anything in the logs? Can you go to Domains -> Renew All Certs and see what it says in the logs?
@girish I've reached out to support directly with the log files. Another interesting issue that just came up, if I view the logs directly when running the Domains > Renew All Certs task, I can view them. If I try to download the entire log, it's completely blank with no data.
-
Thanks, I have seen this issue in the past with Cloudflare. This is related to Cloudflare not issuing certificates properly. If you disable Cloudflare proxying and re-enable it, it sometimes starts working. If that doesn't work, just delete the subdomain entry and add it again manually inside Cloudflare.
-
Thanks, I have seen this issue in the past with Cloudflare. This is related to Cloudflare not issuing certificates properly. If you disable Cloudflare proxying and re-enable it, it sometimes starts working. If that doesn't work, just delete the subdomain entry and add it again manually inside Cloudflare.
-
G girish marked this topic as a question on
-
G girish has marked this topic as solved on