Can't connect to my site ssl error

josephgodwinke · November 30, 2022, 9:19am

Welcome @devie Happy you are here

I discourage installing SSL directly with SSH.

Use the CyberPanel recommended methods to install.

If you have any existing ssl certificates not installed the cyberpanel way delete them. Actually delete all certificates so that you can isolate any ssl issues:

ou need to remove private keys and certificates at the Virtual Host Level

Go to OLS WebAdmin Console of your server i.e https://SERVER_URL:7080 use admin and password you chose for CyberPanel admin panel

If you cannot log in. Using SSH Terminal run adminPass add new password

Then you delete all private keys and certificates for respective website and hostname from server:

$ rm -f /etc/letsencrypt/live/mydomain.net/privkey.pem && rm -f /etc/letsencrypt/live/mydomain.net/fullchain.pem

$ rm -f /etc/letsencrypt/live/mail.mydomain.net/privkey.pem && rm -f /etc/letsencrypt/live/mail.mydomain.net/fullchain.pem

$ rm -f /etc/letsencrypt/live/ssl.mydomain.net/privkey.pem && rm -f /etc/letsencrypt/live/ssl.mydomain.net/fullchain.pem

Then resissue hostname SSL the CyberPanel way:

Go to https://server.mydomain.net:8090/manageSSL/sslForHostName
Choose mydomain.net
Click on Issue SSL

If its not hostname domain

Go to https://server.mydomain.net:8090/manageSSL/manageSSL
Choose mydomain.net
Click on Issue SSL

References:

hostname ssl, 2 - CyberPanel on SSL - Docs - CyberPanel Community
website ssl, 1 - Issuing SSL for website - Docs - CyberPanel Community
email server ssl 2 - SSL For PostFix/Dovecot - Docs - CyberPanel Community

devie · November 30, 2022, 9:28am

when I go to https://server_url:7080 I get this error - this site can’t be reached. url refused to connect.
if I use the ssh terminal and add a new password will I be able to access the webadmin console?

josephgodwinke · November 30, 2022, 9:29am

Yes. Kindly follow the instructions so that i can better support you.

devie · November 30, 2022, 9:29am

ok. I’ll follow your instructions shortly and report back. thx

devie · November 30, 2022, 11:57am

I was able to add new password but still couldnt login to virtual host. My vps is through hostinger. Do I have access to :7080? I only know about :8090? I ran the remove commands in ssh. I’m assuming the files are deleted but I don’t know how to check. I ran a debugger yesterday in ssh and it said that I requested too many certs and had to wait until 3:25pm my time to add ssl. Since I deleted the certs and private keys do I still need to wait until that time to issue another ssl?

josephgodwinke · November 30, 2022, 1:11pm

I usually do not recommend hostinger at all but since you already have a plan kindly consult hostinger for support about access to OLS web admin

devie · November 30, 2022, 1:37pm

Ok. I added the ssl the cyberpanel way and my website is back with the lock. But the path to the panel is not secure. How do I issue ssl for the panel?

josephgodwinke · November 30, 2022, 1:39pm

Issue hostname SSL the CyberPanel way:

Go to https://server.mydomain.net:8090/manageSSL/sslForHostName
Choose mydomain.net
Click on Issue SSL

devie · November 30, 2022, 1:49pm

I tried it but still not secure. The website is okay which seems weird.

josephgodwinke · November 30, 2022, 1:50pm

Did you delete all ssl certificates before reissuing?

devie · November 30, 2022, 1:53pm

I thought those commands did but maybe not. I did a ssl check and I think the ssl in place is from gogetssl, good for 90 days

josephgodwinke · November 30, 2022, 1:56pm

Do you have a hostname panel.mydomain.net or you care using mydomain.net:8090?

devie · November 30, 2022, 1:58pm

I’m using mydomain.net:8090

josephgodwinke · November 30, 2022, 1:59pm

COnsider How to remove port 8090 from CyberPanel it is cleaner and good practise for all your users. Most users detest the port urls makes remembering tedious

This also means you issued domain.net a normal website ssl and hostname ssl. sorry but his will get you to start from the beginning.

devie · November 30, 2022, 2:02pm

Will that solve the ssl issue for the panel? It is annoying typing that. I did another ssl check and it’s for Let’s Encrypt but it said " Certificate Chain Complete?

A valid Root CA Certificate could not be located, the certificate will likely display browser warnings." Do I need to worry about that?

josephgodwinke · November 30, 2022, 2:04pm

Yes just start from the beginning remove all ssl certificates. Then How to remove port 8090 from CyberPanel and start by issuing hostname ssl. COnfirm it is ok then proceed to issue website ssl certificate.

devie · November 30, 2022, 2:07pm

Ok I think I got it now. I won’t get blocked by let’s encrypt again if I do this? That was pretty nerve wracking!

josephgodwinke · November 30, 2022, 2:09pm

From experience seldom anything ever happens so long as nothing updates letsencrypt or you do any kernel updates. Just have a clean install of cyberpanel and install everything on cyberpanel.

devie · December 4, 2022, 9:53pm

I decided not start over and remove :8090. I changed from VPS to Cloud Hosting with Hostinger and everything is fine, SSL is in place. So much easier to work with than Cyberpanel. Thank you for all your help!

system · December 5, 2022, 12:54am

This topic was automatically closed 3 hours after the last reply. New replies are no longer allowed.