error:10000080:BIO routines::no such file

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: its-sec-misp.syr.edu

I ran this command: ./start prod up (docker-compose up)

It produced this output:
nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/its-sec-misp.syr.edu/fullchain.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/letsencrypt/live/its-sec-misp.syr.edu/fullchain.pem, r) error:10000080:BIO routines::no such file)

My web server is (include version):nginx

The operating system my web server runs on is (include version): ubuntu 22.04

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):no

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 2.10.0

Welcome @infc

That looks like the docker container running nginx cannot find a certificate file you created with Certbot.

Is that Certbot folder available to your nginx container at that path?

Did you run Certbot in your host or a container?

This is largely a problem of making sure you share the needed files between your host and different containers. It's not really a Let's Encrypt cert issue. Still, someone here may be willing to help but I'd just suggesting reviewing your volume sharing and names.

I strongly suggest you start using the Let's Encrypt staging system while testing. It looks like you are already at the rate limit for duplicate certs for the week. You should make sure you are storing the LE certs in a persistent location.

image2280×783 188 KB

Did you run Certbot in your host or a container? host

this is my nginx docker compose :

nginx:
image: intelowlproject/intelowl_nginx:${REACT_APP_INTELOWL_VERSION}
container_name: intelowl_nginx
restart: unless-stopped
volumes:
- ../configuration/nginx/websocket.conf:/etc/nginx/websocket.conf
- ../configuration/nginx/errors.conf:/etc/nginx/errors.conf
- ../configuration/nginx/https.conf:/etc/nginx/conf.d/default.conf
#- ../letsencrypt/live/its-sec-misp.syr.edu/fullchain.pem:/etc/letsencrypt/live/its-sec-misp.syr.edu/fullchain.pem
- /data/intelowl-test/IntelOwl/docker/letsencrypt:/etc/letsencrypt
- ../configuration/nginx/locations.conf:/etc/nginx/locations.conf
- nginx_logs:/var/log/nginx
- static_content:/var/www/static

Where are your certs on your host? What does this show

sudo certbot certificates

Which of the above docker volume statements allow access to them?

$ sudo certbot certificates
Saving debug log to /var/log/letsencrypt/letsencrypt.log

Found the following certs:
Certificate Path: /etc/letsencrypt/live/its-sec-misp.syr.edu/fullchain.pem
Private Key Path: /etc/letsencrypt/live/its-sec-misp.syr.edu/privkey.pem

Looks like you just need to adjust your nginx container volume statements.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.