Nginx certfile does not exist

@rg305 yeah, my research showed that the Invalid argment error was a known bug that didn't impact performance.

The error comes when I try to run supervisorctl restart all and reads as follows (exactly):

drywater-api-fastapi: ERROR (spawn error)

(drywater-api-fastapi is the name of my app).

When I tail the stderr-log, I see the following:

Traceback (most recent call last):
  File "/var/www/app/bin/gunicorn", line 8, in <module>
    sys.exit(run())
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/wsgiapp.py", line 67, in run
    WSGIApplication("%(prog)s [OPTIONS] [APP_MODULE]").run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/base.py", line 231, in run
    super().run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/base.py", line 72, in run
    Arbiter(self).run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/arbiter.py", line 198, in run
    self.start()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/arbiter.py", line 155, in start
    self.LISTENERS = sock.create_sockets(self.cfg, self.log, fds)
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/sock.py", line 162, in create_sockets
    raise ValueError('certfile "%s" does not exist' % conf.certfile)
ValueError: certfile "/etc/letsencrypt/live/api.avondale.io/fullchain.pem" does not exist

What shows?:
ls -l /etc/letsencrypt/live/api.avondale.io/fullchain.pem

(thanks for your help with this!)

lrwxrwxrwx 1 root root 44 Jun 19 21:58 /etc/letsencrypt/live/api.avondale.io/fullchain.pem -> ../../archive/api.avondale.io/fullchain1.pem

What shows?:
cat /etc/letsencrypt/live/api.avondale.io/fullchain.pem

I see three certificates, each starting with -----BEGIN CERTIFICATE----- and ending with -----END CERTIFICATE-----

Is it safe to post those?

It's safe, but I don't need to see them.
[NEVER POST PRIVKEY.PEM FILE]

What happens with?:
sudo supervisorctl restart all

Thanks. Running that command shows the same error I described above:

drywater-api-fastapi: ERROR (spawn error)

Tailing the log shows the same as well:

Traceback (most recent call last):
  File "/var/www/app/bin/gunicorn", line 8, in <module>
    sys.exit(run())
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/wsgiapp.py", line 67, in run
    WSGIApplication("%(prog)s [OPTIONS] [APP_MODULE]").run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/base.py", line 231, in run
    super().run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/app/base.py", line 72, in run
    Arbiter(self).run()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/arbiter.py", line 198, in run
    self.start()
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/arbiter.py", line 155, in start
    self.LISTENERS = sock.create_sockets(self.cfg, self.log, fds)
  File "/var/www/app/lib/python3.10/site-packages/gunicorn/sock.py", line 162, in create_sockets
    raise ValueError('certfile "%s" does not exist' % conf.certfile)
ValueError: certfile "/etc/letsencrypt/live/api.avondale.io/fullchain.pem" does not exist

hmm...
[back to where we started]

I guess you'll need to trace the process and see where/why it fails to read a file that we've verified to exist.

@rg305 is there anything else you can think of that I would need to do to "reset" things other than restarting nginx and reread / restarting supervisor? Could it be that simple?

Not even sure where I would start on the process trace...

!!!

A server reboot did the trick

Thanks @MikeMcQ and @rg305 for your help! (RG, I lived in the 305 for 9 years!)

Glad to hear [about the trick and the 9 years in the 305] !!!
Cheers

Too funny. I should have led with "did you try turning it off and back on?"

@MikeMcQ funny enough, I actually did try a few reboots early on in my problem solving... apparently one of the small tweaks I made along the way must have done the trick. Thanks for your help!

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.