Dear community,
I understand this may seem as trivial and it was discussed many times already. I would appreciate if you could point me out in the right direction. After the successful installation of Lets encrypt certificate instead of ERPNext login I get the standard:
“Sorry! We will be back soon.”
Also why the address is displayed as not secure?
I’m a novice. Please help to troubleshoot.
Many thanks in advance.
Hi @Gandolf,
could you please elaborate on the steps you took before getting the error? I presume you have done a sequence like this (assuming it worked before)…
$ bench config dns_multitenant on
$ bench new-site your.site.url
$ bench setup nginx
$ service nginx reload
$ bench setup lets-encrypt your.site.url
$ bench restart
If you want to keep the existing ERPNext site (by default site1.local), create a simlink folder in ./sites which is named from the url that you want to access the site. Make sure that in any case ./sites contains a folder with the name of your domain.
Find more information on why it is not secure by clicking on the information (probably something with the cert is wrong).
Hope this helps.
Hi Isalesi
I think I configured Lets encrypt in the same way and at the end I got
IMPORTANT NOTES:
Congratulations! Your certificate and chain have been saved at:
/etc/letsencrypt/live/mysitename.online/fullchain.pem
Your key file has been saved at:
/etc/letsencrypt/live/mysitename.online/privkey.pem
Your cert will expire on 2018-05-27. To obtain a new or tweaked
version of this certificate in the future, simply run certbot-auto
again. To non-interactively renew all of your certificates, run
“certbot-auto renew”Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.If you like Certbot, please consider supporting our work by:
Donating to ISRG / Let’s Encrypt: Donate - Let's Encrypt
Donating to EFF: Support EFF's Work on Let's Encrypt | Electronic Frontier Foundation
As for about not secure connection:
Please advise some next steps.
So from the certificate info you can see that the URL in the certificate is not the same as you are navigating to. And from the “Sorry…” error you see that nginx does not find the site that you are looking for.
These things need to match:
./sites/erp.mydomain.com/ (typically /home/frappe/frappe-bench/sites/erp.mydomain.com)As you were successful in creating the certificate, it seems to be possible to access the server under the address that was used for the certification process (otherwise the cert would not be issued), which is not the same as you are trying to use now (see error message in cert info). Hope that helps to find the mismatch.
Thank you very much. It did the magic.
I renamed my site by simply adding prefix www. and it worked, so my steps were the next
$mv site2.online www.site2.online
cd …
$sudo bench setup nginx
$sudo service nginx reload
$ sudo bench setup lets-encrypt www.yoursite.url
$ sudo bench restart
All commands were executed under frappe user