You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
symbiosis-ssl can generate SSL config for sites that have no certificate returned by Lets Encrypt. This can lead to invalid configuration, and Apache being unable to re-start.
This has been observed both in terms of missing certs that were never returned successfully from Lets Encrypt, or where symbiosis-ssl didn't have permission to write the certificate, but still wrote the SSL config.
Not sure how this can happen. I'll need more info to investigate further.
At the time LetsEncrypt issues the cert, it is parsed as an X509 certificate. If LetsEncrypt returns a zero-length or otherwise corrupt cert, then this stage will fail.
When reading the certificates from disc, symbiosis-ssl assesses each one for validity, and if the file is empty at this point it should be ignored as an invalid set.
Originally posted by @patch0 on 2016-05-16T12:27:55.000Z
symbiosis-ssl can generate SSL config for sites that have no certificate returned by Lets Encrypt. This can lead to invalid configuration, and Apache being unable to re-start.
This has been observed both in terms of missing certs that were never returned successfully from Lets Encrypt, or where symbiosis-ssl didn't have permission to write the certificate, but still wrote the SSL config.
The text was updated successfully, but these errors were encountered: