Getting ERR_SSL_PROTOCOL_ERROR when connecting to my website through my router

I didn’t issue any command with webroot. I just ran certbot renew -a nginx like you suggested.

There’s a bug with nginx where the installer doesn’t work on some installs, so I was forced to use the webroot method.

I’m willing to get rid of it, if you think it’ll help. I did for the ackis.duckdns.org domain (which is why I had the configuration error, I had to manually edit the config file) and it didn’t seem to make a difference.

1 Like

did you not use, at any point in time, something that looks like certbot renew|run -a webroot -w /var/www/letsencrypt [-d domain] ?

try putting a file in that directory and check if you can see it from http://plexpy.ackis.duckdns.org/.well-known/acme-challenge/yourfile.txt

(or, better, try putting a file in /var/www/letsencrypt/.well-known/acme-challenge/)

1 Like

Yes I did - for all my domains that came up for renewal.

Did that - was able to see the file after messing with permissions, and then I was able to renew a couple certs.

1 Like

and the others gave what error?

1 Like

They’ve just been errors with the automatic nginx install so far - I’ve just had to convert them over to the webroot method. It looks like it was a permissions error.

I thought I had tested that out because I put a file in /var/www/letsencrypt and tried to access it via curl, but couldn’t, but when you told me to put a file in /var/www/letsencrypt/.well-known/acme-challenge/, that’s when I clued in that it may have been permissions. I’m not sure how it could have been because nothing changed there - it was an empty folder with www-data owning it, but who knows. It’s working now at least so I’m able to renew the certs that need to be renewed.

Going to get them all renewed over the next few days here, and hopefully just have it left on so I can forget about it and have everything just work.

Appreciate your help and patience with me.

1 Like

did you mkdir the directories before putting the file in there?

(you can become www-data with sudo -u www-data -s /bin/bash)

1 Like

Not originally. I had thought that the webroot declaration handled that. E.g. plexpy.ackis.duckdns.org/.well-known/acme-challenge/ was mapped directly to /var/www/letsencrypt/. So by having those folders we ended up with plexpy.ackis.duckdns.org/.well-known/acme-challenge/.well-known/acme-challenge/.

They exist in there now though (well earlier this afternoon before I made that other post).

1 Like

Hi @9peppe,

How can I check such information on our website hubbroker.com?

1 Like

it does. but that doesn’t do you any good if you put files inside manually.

You want to see the response headers?

either open the network tab in your browser development tools, or run curl -I http[s]://website in a terminal (install curl if it’s not)

1 Like

I’m not quite following you - if I put a file inside shouldn’t it be handled like a symbolic link to a directory?

the webroot declaration will create the .well-known/acme-challenge directory if it does not exist, but that doesn’t mean you won’t have to do the same, you can’t put files inside a non-existing directory (the webroot declaration cleans up after itself)

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.