Adding an api to the site

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: admin.phillipmorrison.com

I ran this command: Logged in using /login

It produced this output: SSL_ERROR_RX_RECORD_TOO_LONG

My web server is (include version): Linode Server-Ubuntu-18.4

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know): Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel): No

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

My problem is: the certificate is working fine on site, but I have added an api to the backend which is running on a different port. I copied the nginx page that the cerbot changed when adding the ssl and then changed the server name and port. Then set it up as a new service in systemd. It would seem this is not the right thing to do?

This website works. What’s the api address?

Hi @Brian55

your error says: Your port is a http port, not a https port.

Connecting http via the https protocol - that’s this error.

See

https://community.letsencrypt.org:80/

same error message: SSL_ERROR_RX_RECORD_TOO_LONG

So your configuration of that port is wrong.

admin.phillipmorrison.com:6200/api

That port

isn’t visible (but that’s not required).

It’s a http port. So compare the vHost configuration with your working port 443 vHost and fix it.

So is it not the correct thing to just copy the nginx server and change the port and server name.
Does the ssl work for both?
If so, where is it loosing the certificate?

It strictly depends on what you copied.

You should probably read and try to understand what you want to copy. Start from this page: https://nginx.org/en/docs/http/ngx_http_ssl_module.html

I think my question was misleading. I really just need to know how to get the certificate to be accepted on both ip addresses in nginx?

The certificate doesn’t care about ip addresses.

So does that mean I can use the same cert details in another server block

yes, but not definitely. it still has to be valid for the right domain names.

I still can’t get this to work. Does the cert. work when the site is contacting the backend api on a different port? I’m getting an SSL error occurred trying to make a secure connection to the server.

Yes, the certificate has nothing to do with the port used. The certificate can even be used for other protocols than HTTPS, for example SMTP for secure e-mail or IMAP et cetera.

The same error? Or different? The error probably originates from a misconfigured server block.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.