[BlueOnyx:25270] Re: Nginx SSL-Proxy

[Michael Stauber]

Hello,

> We can get to https://domain.com:444 <https://domain.com:444> and just
> tells me it’s not secure

Port 444 is GUI over HTTP. So the URL is http://domain.com:444 - not HTTPS

The HTTPS port of the GUI is 81.

> But we can’t get the Nginx SSL server to run. Soon as we click on the
> box it fails and all the sites on the server go offline
> 
> On top of that we can’t get to https://domain_name.com:81
> <https://domain_name.com:81> after installing the LetsEncrypt Certificates

My guess is that the installation of the LE certificate for the AdmServ
didn't work as intended.

There are two ways to fix it:

1.) Use the GUI (via HTTP - port 444) and try again to request an SSL
certificate for the GUI via "Network Services" / "Security" / SSL. You
can either upload an exported SSL certificate, create a self signed one
to get out of the bend or request another LE cert via the GUI

Alternatively you can:

2.) Login to the server by SSH as "admin" and "su -" to gain root access.

First delete the admserv certificate data:

rm /etc/admserv/certs/*

Then restart CCEd to have a new self signed certificate generated:

/usr/sausalito/sbin/cced.init restart

Restart AdmServ:

systemctl restart admserv

Then go to the GUI (HTTP, port 444) and follow the steps outlined under #1.

> why the SSL Proxy server isn’t working and how to fix it?

THAT is something that the server logfiles could shed some light on:

/var/log/nginx/error.log
/var/log/admserv/adm_error

Or the following command might also help to find out what went wrong:

systemctl status nginx

Let me know if this helps or if you need any further assistance.

-- 
With best regards

Michael Stauber