[Resolved] SSL Connection Error Refused No Matter What I do...

Discussion in 'ISPConfig 3 Priority Support' started by DDArt, Feb 3, 2017.

  1. DDArt

    DDArt Member

    ##### RESOLVED ######

    I went ahead and created a let's encrypt option for a domain which it didn't work. Refused | Connection Error Refused.
    I went ahead and deleted the certs, out of /var/www/domain.tld/ssl, I also went as far as delete the domain entirely, and also deleted the
    certs from /etc/letsencrypt/live/domain.tld/* no traces of the domain.

    Recreated domain, enabled SSL (no lete's encrypt but local) hoping to get at least ssl connection with a warning but still get the following:
    Secure Connection Failed
    An error occurred during a connection to www.domain.tld SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
      The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
      Please contact the website owners to inform them of this problem.
    Tried checking apache logs, or error logs and I only found this:
    other_vhosts_access.log:domain.tld:80 x.x.x.x - - [02/Feb/2017:21:56:09 -0700] "GET /.well-known/acme-challenge/asdfsafsfsddfsdfsdfsdfsdfo HTTP/1.1" 200 294 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
    other_vhosts_access.log:domain.tld:80 x.x.x.x - - [02/Feb/2017:21:56:09 -0700] "GET /.well-known/acme-challenge/asdfasfsfsfsfsafsasfsdfsdf HTTP/1.1" 200 294 "-" "Mozilla/5.0 (compatible; Let's Encrypt validation server; +https://www.letsencrypt.org)"
    What's odd, it works on my cell phone showing me the pop-up not being trusted cert, but I least it generated the ssl, if I do let's encrypt cert I go to domain.tld and instead it shows untrusted but shows me another domain2.tld -- ran a report ssllabs.com on domain.tld and it threw an error "Certificate name mismatch" and giving me the other site domain2.tld and www.domain2.tld..

    Going back to panel and create a cert even though let's encrypt is enabled and select it still does local certs vs let's encrypt.

    checking /etc/letsencrypt/live/ I see domain.tld-0001 is that normal? I had ../live/domain.tld/*certs and now it's ../../live/domain.tld-0001/ that are hotlinked to ../../archive/domain.tld-0001/cert1.pem

    the domain.tld in /var/www/domain.tld/ssl are not linked neither..

    I went ahead in panel deleted domain once again, went through /etc/letsencrypt/archive, live, and renewal and deleted domain.tld out of that.
    Any feedback or input is welcomed where I can start troubleshooting it.

    ### Issue / Resolved ####
    I had a hunch and did more digging and checked my local "hosts" files and sure enough there it was. Domain.tld was manually re-routing to another server elsewhere with no ssl or such. This domain was worked on in development stage. After commented out, flush dns, register dns, sure enough "let's encrypt / green locked worked flawless!

    |MOD| You can either delete this or leave it for archival purposes.
    Last edited: Feb 3, 2017
  2. sjau

    sjau Local Meanie Moderator

    Please provide actual domain so that we can check.
  3. DDArt

    DDArt Member

    It was my own mistake, I was in the process of editing post w/solution asking for either deletion or archival purposes. I do appreciate the prompt response and support :)

    Domain still in progress and that's why I used sample, but it works great now, just a bad host file on my part.
    till likes this.

Share This Page