openssl rsa -noout -modulus -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
unable to load Private Key
139850916881792:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
OK you can’t use
openssl rsa …
with an ECC key.
grep '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
grep: /root/.acme.sh/cloud.hugoclo411.xyz_ecc/: Is a directory
then:
grep '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/*
or
grep -R '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
grep -R ‘----’ /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr:-----BEGIN CERTIFICATE REQUEST-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr:-----END CERTIFICATE REQUEST-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----END CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----END CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/ca.cer:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/ca.cer:-----END CERTIFICATE-----
the files are gone…
moved?
maybe when you issued the
--install-cert
find / -name cloud.hugo*
find / -name cloud.hugo*
/root/.acme.sh/cloud.hugoclo411.xyz_ecc
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.conf
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr.conf
/root/.acme.sh/cloud.hugoclo411.xyz
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.csr
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.conf
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.cer
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.key
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.csr.conf
Please show this public cert file:
And we seem to have lost the "fullchain.cer" file...
Also, please show to confirm they match:
openssl ec -pubout -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key openssl x509 -pubkey -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer
If matched, then update file:
/etc/nginx/sites-enabled/nextcloud.conf
ssl_certificate /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer;
ssl_certificate_key /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key;
openssl ec -pubout -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
read EC key
unable to load Key
139929287808384:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
It was there earlier...
But now it is not there.
please show only top part of this private file - FIRST LINE ONLY:
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
maybe you can just reissue a new cert (without doing the --install-cert):
acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --k ec-384
Then start nginx
systemctl start nginx
acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --keylength ec-384
[Mon Dec 17 22:23:08 CET 2018] Standalone mode.
[Mon Dec 17 22:23:08 CET 2018] Single domain='cloud.hugoclo411.xyz'
unable to load Private Key
140581453714816:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
[Mon Dec 17 22:23:08 CET 2018] Create CSR error.
[Mon Dec 17 22:23:08 CET 2018] Please add '--debug' or '--log' to check more details.
[Mon Dec 17 22:23:08 CET 2018] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
first move or delete the files in:
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/
Then
also please show:
openssl version
OpenSSL 1.1.0j 20 Nov 2018
/.acme.sh# acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --keylength ecc-384
[Mon Dec 17 22:35:56 CET 2018] Standalone mode.
[Mon Dec 17 22:35:56 CET 2018] Creating domain key
[Mon Dec 17 22:35:56 CET 2018] Create key error.
[Mon Dec 17 22:35:56 CET 2018] Single domain='cloud.hugoclo411.xyz'
unable to load Private Key
139705709929856:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
[Mon Dec 17 22:35:56 CET 2018] Create CSR error.
[Mon Dec 17 22:35:56 CET 2018] Please add '--debug' or '--log' to check more details.
[Mon Dec 17 22:35:56 CET 2018] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub