RunCloud Help

Apr 22, 2022

Having issues installing Lets Encrypt SSL?

  1. LetsEncrypt AutoRenewal failed

    By right, the SSL feature was designed to be an automated process that protects your server and automatically updates the SSL certificate, which expires every few months.

    Please look at the example below:

    However, there are times when the renewal date was empty due to issues with the date received from LE not being populated in the database thus the system not knowing when to renew.

    When it happens, the AutoRenewal will not work properly and it needs to be renewed manually. To do that, the user just need to redeploy by clicking on the Redeploy button on the top right of the panel

  2. LetsEncrypt Challenge failed for domain(s) issue

    For this issue, you will usually find it in the email and activity log when the LetsEncrypt failed to negotiate the new certificate for your SSL

    When you encounter this issue, there is no need to panic. There are two ways to fix this

    1. The system will automatically retry the process and redeploy the SSL. Therefore, there is no need for you to do anything. Or,

    2. You can manually redeploy the SSL by clicking on the Redeploy button

Further Troubleshooting

  1. Ensure you are applying SSL to the correct domain.

  2. Check that all domains have an accurate A record pointing to the Server IP or through Cloudflare.

    Once you have pointed the A record to the correct domain, you may proceed with SSL installation

  3. Check if the nginx-rc server up.

    If the Nginx is down, SSL will not be installed. Ensure it is started before applying SSL.

  4. Check the logs of web application.

    The logs will often provide the error results for why SSL is not being installed

  5. Check if AAAA records are active and disable them before proceeding further with the SSL installation or disable and re-deploy. (AAAA is not supported)

  6. Check the permission of /opt where the LetEncrypt authorization file is there.

    LE authorization file to check: /opt/RunCloud/letsencrypt/.well-known/acme-challenge/

  7. Wait patiently and clear cache as SSL may take up to 24 hours render.

  8. Disable and re-enable or re-deply SSL.

  9. If all of the above doesn't work, please check that port 80 is working.

  10. Enable the HSTS option.

  11. If you are using a test domain, it must be removed before you can use your own domain with SSL.

  12. If you are receiving the ERR_TOO_MANY_REDIRECTS, the fix can be found here: Fixing Redirect Loop on Cloudflare SSL

  13. Mozilla Firefox Users: Fixing the SSL_ERROR_NO_CYPHER_OVERLAP error

  14. Finally, as a last resort, contact Technical Support to look into the issue.