'ACEM AUTH ERROR', ('curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to acme-v02.api.letsencrypt.org:443 \n',))

Hello, I have a dedicated aapanel panel installed and when trying to install ssl on my domain it is giving this error I don't know what to do I can't format this dedicated someone could help me ??
System:Ubuntu 18.04.6 LTS x86_64(Py3.7.8)

Dedicated IP 94.130.32.162

ERROR WHEN TRYING TO INSTALL THE CERTIFICATE IS THIS:

ACEM AUTH ERROR', ('curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to acme-v02.api.letsencrypt.org:443 \n',))

echo | openssl s_client -connect acme-v02.api.letsencrypt.org:443 | head
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = acme-v02.api.letsencrypt.org
verify return:1
DONE
CONNECTED(00000005)
:brazil:
certificate chain
0 s:CN = acme-v02.api.letsencrypt.org
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
:brazil:
server certificate
-----BEGIN CERTIFICATE-----

Is your system fully updated? A typical reason for a failed connection to the API would be that the system is only aware of the old expired Let's Encrypt root certificate and don't know ISRG Root X1.

3 Likes

Yes it is updated at most before I had CERT BOT installed but as I no longer used the previous domain I removed the certain bot and installed the aapanel now with it installed when I click to generate a certificate of this error but the domain is not even used In CERT BOT.

sudo apt update && sudo apt -y upgrade:

Fetched 4,929 kb in 1s (3,805 kb/s)
Reading Package Lists ... Done
Building Dependency Tree
Reading State Information ... Done
All packages are up to date.
Reading Package Lists ... Done
Building Dependency Tree
Reading State Information ... Done
Calculating Upgrade ... Done
0 upgraded, the Newly Installed, 0 to remove and 0 not upgradeed.

Thanks, and which version of aapanel are you using?

3 Likes

Congratulations, it is currently the latest version

Current version: aaPanel LinuxStable 6.8.26 Release time: 2022/07/15

Does running curl -I https://acme-v02.api.letsencrypt.org from the terminal work ok?

I'm trying to figure out if there is something wrong with your system trust store or if it's specific to this app (or python etc).

4 Likes

I also presume this has never worked or this is the first time you have tried this on this system?

3 Likes

I ecked the command you sent and the answer was this:

Command: Curl -i https://acme-v02.api.letsencrypt.org

Reply:
Http/2 200
Server: NGINX
DATE: WED, 07 Dec 2022 03:19:02 Gmt
CONTENT-TYPE: Text/HTML
Content-Length: 1540
LAST-MODIFIED: THU, 23 JUN 2022 21:18:47 GMT
ETAG: "62B4D8B7-604"
x-frame-offshops: Deny
strict-transport-security: max-ag = 604800

2 Likes

Thanks, that looks OK.

If certbot is working but the aapanel integration is not working I would suggest asking a question on the aapanel forum: https://forum.aapanel.com/

4 Likes

I didn't understand very well the certbot is working ?? But what is causing this problem I always used this panel and never had this problem

Thanks friend I ended up managing to solve Nginx was causing this problem I uninstalled it and installed apache now I managed to generate the ssl

1 Like

Is that supposed to be ACME?

I find that very difficult to understand.

Do you have more than one version of OpenSSL installed?

3 Likes

As far as I'm aware I don't have this OpenSSL installed but after removing Nginx and installing apache I was able to install ssl without error

Clearly, you do.
Try:
find / -name openssl

3 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.