Learn about Centmin Mod LEMP Stack today
Register Now

Letsencrypt ERR_SSL_SERVER_CERT_BAD_FORMAT

Discussion in 'Domains, DNS, Email & SSL Certificates' started by gamal, Apr 5, 2018.

Tags:
  1. gamal

    gamal Member

    38
    3
    8
    Jan 31, 2018
    Ratings:
    +3
    Local Time:
    9:53 PM
    1.13.8
    the error now is as follows:

    This site can’t provide a secure connection
    www.usa2eg.com
    doesn't adhere to security standards.

    ERR_SSL_SERVER_CERT_BAD_FORMAT

    i make the SSL options just like I do everytime from menu option 2, what could be wrong?

    also here is the error log

    2018/04/04 10:41:48 [error] 5697#5697: *11 "/home/nginx/domains/usa2eg.com/public/_asterisk/index.php" is not found (2: No such file or directory), client: 95.213.130.90, server: usa2eg.com, request: "GET /_asterisk/ HTTP/1.1", host: "159.65.49.157"
    2018/04/04 12:51:23 [error] 5697#5697: *62 open() "/home/nginx/domains/usa2eg.com/public/sitemap.xml" failed (2: No such file or directory), client: 66.249.66.192, server: usa2eg.com, request: "GET /sitemap.xml HTTP/1.1", host: "www.usa2eg.com"
    2018/04/04 13:02:48 [error] 5697#5697: *63 "/home/nginx/domains/usa2eg.com/public/contact-us/index.php" is not found (2: No such file or directory), client: 100.43.90.123, server: usa2eg.com, request: "GET /contact-us/ HTTP/1.1", host: "www.usa2eg.com"
    2018/04/04 13:10:47 [error] 5697#5697: *64 "/home/nginx/domains/usa2eg.com/public/daily-deals/index.php" is not found (2: No such file or directory), client: 66.249.66.192, server: usa2eg.com, request: "GET /daily-deals/ HTTP/1.1", host: "www.usa2eg.com"
    2018/04/04 13:44:12 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:13 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:14 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:15 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:15 [error] 5697#5697: *66 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css" failed (2: No such file or directory), client: 66.249.64.12, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:16 [error] 5697#5697: *66 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css" failed (2: No such file or directory), client: 66.249.64.12, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:17 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:17 [error] 5697#5697: *65 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/woocommerce/assets/css/woocommerce.css" failed (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.3.3 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:44:18 [error] 5697#5697: *66 open() "/home/nginx/domains/usa2eg.com/public/wp-content/plugins/jetpack/css/jetpack.css" failed (2: No such file or directory), client: 66.249.64.12, server: usa2eg.com, request: "GET /wp-content/plugins/jetpack/css/jetpack.css?ver=5.8 HTTP/1.1", host: "www.usa2eg.com", referrer: "http://www.usa2eg.com/watches-stores/"
    2018/04/04 13:48:09 [crit] 5697#5697: *71 SSL_do_handshake() failed (SSL: error:1417D18C:SSL routines:tls_process_client_hello:version too low) while SSL handshaking, client: 208.93.153.177, server: 0.0.0.0:443
    2018/04/04 13:49:23 [crit] 5697#5697: *79 SSL_do_handshake() failed (SSL: error:1417D18C:SSL routines:tls_process_client_hello:version too low) while SSL handshaking, client: 184.105.139.69, server: 0.0.0.0:443
    2018/04/04 14:26:34 [error] 5697#5697: *82 "/home/nginx/domains/usa2eg.com/public/how-it-works/index.php" is not found (2: No such file or directory), client: 66.249.64.13, server: usa2eg.com, request: "GET /how-it-works/ HTTP/1.1", host: "www.usa2eg.com"
    2018/04/04 15:15:46 [error] 5697#5697: *90 "/home/nginx/domains/usa2eg.com/public/facebook-group-icon/index.php" is not found (2: No such file or directory), client: 141.8.143.186, server: usa2eg.com, request: "GET /facebook-group-icon/ HTTP/1.1", host: "www.usa2eg.com"

    this is a wordpress website, and the files is there, also there are errors for ssl handshake, and it see pages as if they are folders that have to be found
     
    Last edited: Apr 5, 2018
  2. eva2000

    eva2000 Administrator Staff Member

    36,422
    7,994
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,308
    Local Time:
    9:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    First backup and make a copy of your nginx vhost config files for your domain /usr/local/nginx/conf/conf.d/yourdomain.com.conf and/or /usr/local/nginx/conf/conf.d/yourdomain.com.ssl.conf

    Test your domain with dev version of SSLLabs SSL Server Test (Powered by Qualys SSL Labs). SSLLabs says certificate mismatch. Seems letsencrypt failed to properly issue a ssl cert so you have the self-signed ssl cert in place according to SSL Server Test: www.usa2eg.com (Powered by Qualys SSL Labs).

    upload_2018-4-5_1-58-26.png

    How was the initial letsencrypt ssl certificate obtained ? Which method ?
    • Was the domain nginx vhost alreadying created prior or new domain nginx vhost site setup for first time ?
    • Via centmin.sh menu option 2, 22, /usr/bin/nv ?
    • If you ran centmin.sh menu option 2 or 22, which letsencrypt option did you select from
      Code (Text):
      -------------------------------------------------------------
      Setup full Nginx vhost + Wordpress + WP Plugins
      -------------------------------------------------------------
      
      Enter vhost domain name you want to add (without www. prefix): acme3.domain1.com
      
      Create a self-signed SSL certificate Nginx vhost? [y/n]: n
      Get Letsencrypt SSL certificate Nginx vhost? [y/n]: y
      
      You have 4 options:
      1. issue staging test cert with HTTP + HTTPS
      2. issue staging test cert with HTTPS default
      3. issue live cert with HTTP + HTTPS
      4. issue live cert with HTTPS default
      Enter option number 1-4: 1
      
    • Via addons/acmetool.sh ? which specific command ? examples
      Code (Text):
      ./acmetool.sh issue acme.domain.com
      
      Code (Text):
      ./acmetool.sh issue acme.domain.com live
      
      Code (Text):
      ./acmetool.sh issue acme.domain.com d
      
      Code (Text):
      ./acmetool.sh issue acme.domain.com lived
      
    • What was order of steps you did ? Did you run centmin.sh menu option 2 first with letsencrypt ? Then did you run addons/acmetool.sh afterwards ?

    Centmin Mod Self-Signed SSL Fallback



    If you're seeing a Centmin Mod's self-signed ssl certificate instead of letsencrypt ssl certificate, then that's acmetool.sh and centminmod's fallback if letsencrypt verification fails to obtain letsencrypt ssl cert, it falls back to centmin mod self-signed ssl certificate on https port 443 side so to preserve the https nginx vhost

    Troubleshooting



    There are various steps you can do to troubleshoot failed letsencrypt issuances, renews, reissues etc.
    • acmetool.sh logs all command line or shell menu runs to log files at /root/centminlogs. To troubleshoot, copy the contents of the log run and post contents of log to pastebin.com or gist.github.com and share link in this thread. To find the log list the logs in ascending date order
      Code (Text):
      ls -lahrt /root/centminlogs
      .
    • For direct acmetool.sh runs, there should be a 2nd & 3rd & 4th log in format /root/centminlogs/centminmod_${DT}_nginx_addvhost_nv.log and /root/centminlogs/acmetool.sh-debug-log-$DT.log and /root/centminlogs/acmesh-issue_*.log or /root/centminlogs/acmesh-reissue_*.log which would need to be included via separate pastebin.com or gist.github.com post.
    • Enable acmetool.sh debug mode. In persistent config file at /etc/centminmod/custom_config.inc (create it if doesn't exist) add and enable acmetool.sh debug mode which gives much more verbose letsencrypt issuance process information when you re-run acmetool.sh or centmin.sh menu options 2, 22 or /usr/bin/nv command lines.
      Code (Text):
      ACMEDEBUG='y'
    If acme.sh auto renewals didn't happen, check output for the following commands
    Code (Text):
    grep acme /var/log/cron* | sed -e "s|$(hostname -s)|host|g"
    

    Code (Text):
    echo y | /usr/local/src/centminmod/addons/acmetool.sh checkdates
    

    Code (Text):
    "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"
    

    Code (Text):
    echo | openssl s_client -connect yourdomain.com:443
    

    Without the answers to above questions and logs, there is nothing to help troubleshoot.
     
  3. eva2000

    eva2000 Administrator Staff Member

    36,422
    7,994
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,308
    Local Time:
    9:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  4. gamal

    gamal Member

    38
    3
    8
    Jan 31, 2018
    Ratings:
    +3
    Local Time:
    9:53 PM
    1.13.8
    ok what i have done is using option 2 to create the nginx vhost ssl, having some troubles so i destroyed the droplet and start all over again, the first time i checked the ssl was getting class A, now its like i described.

    here are the test results:

    Code:
    [16:26][[email protected] ~]# ls -lahrt /root/centminlogs
    total 7.5M
    -rw-r--r--.  1 root root  16K Apr  3 13:26 centminmod_123.09beta01.b017_030418-132516_yuminstall_centos7.log
    -rw-r--r--.  1 root root  16K Apr  3 13:26 centminmod_yumtimes_030418-132516.log
    -rw-r--r--.  1 root root   37 Apr  3 13:26 centminmod_profiletimes_030418-132516.log
    -rw-r--r--.  1 root root 2.2K Apr  3 13:26 cmm-login-git-checks_030418-132617.log
    -rw-r--r--.  1 root root  81K Apr  3 13:26 centminmod_downloadtimes_030418-132516.log
    -rw-r--r--.  1 root root 1.3K Apr  3 13:26 securedtmp.log
    -rw-r--r--.  1 root root    0 Apr  3 13:26 patch_opensslpatches_030418-132516.log
    -rw-r--r--.  1 root root   45 Apr  3 13:30 centminmod_opensslinstalltime_030418-132516.log
    -rw-r--r--.  1 root root    8 Apr  3 13:31 patch_patchnginx_030418-132516.log
    -rw-r--r--.  1 root root 1.9K Apr  3 13:31 gcc_native.log
    -rw-r--r--.  1 root root 1.5K Apr  3 13:31 nginx-configure-030418-132516.log
    -rw-r--r--.  1 root root 2.7M Apr  3 13:37 centminmod_ngxinstalltime_030418-132516.log
    -rw-r--r--.  1 root root 9.4K Apr  3 13:39 setio_innodbstatus-before-030418-133941.log
    -rw-r--r--.  1 root root  783 Apr  3 13:39 centminmod_setio_030418-133941.log
    -rw-r--r--.  1 root root 9.4K Apr  3 13:39 setio_innodbstatus-after-030418-133941.log
    -rw-r--r--.  1 root root   58 Apr  3 13:49 centminmod_phpinstalltime_030418-132516.log
    -rw-r--r--.  1 root root  476 Apr  3 13:49 zendopcache_passfile.txt
    -rw-r--r--.  1 root root  27K Apr  3 13:54 centminmod_123.09beta01.b017_030418-132516_yum-log.log
    -rw-r--r--.  1 root root  125 Apr  3 13:54 install.utc.time.log
    -rw-r--r--.  1 root root 4.5M Apr  3 13:54 centminmod_123.09beta01.b017_030418-132516_install.log
    -rw-r--r--.  1 root root   19 Apr  3 13:54 getcmtime_installtime_030418-131712.log
    -rw-r--r--.  1 root root   56 Apr  3 13:54 firstyum_installtime_030418-131712.log
    -rw-r--r--.  1 root root  809 Apr  3 13:54 install_time_stats_030418-131712.log
    -rw-r--r--.  1 root root 6.5K Apr  3 13:54 sar-u-installstats.log
    -rw-r--r--.  1 root root 5.8K Apr  3 13:54 sar-q-installstats.log
    -rw-r--r--.  1 root root 9.0K Apr  3 13:54 sar-r-installstats.log
    -rw-r--r--.  1 root root  16K Apr  3 13:54 sar-d-installstats.log
    -rw-r--r--.  1 root root 5.1K Apr  3 13:54 sar-b-installstats.log
    -rw-r--r--.  1 root root 4.4K Apr  3 13:54 yum-timedhosts.txt
    -rw-r--r--.  1 root root 1.3K Apr  3 14:02 centminmod_123.09beta01.b017_030418-135843_nginx_addvhost-remove-cmds-usa2eg.com.log
    -rw-r--r--.  1 root root  15K Apr  3 14:02 centminmod_123.09beta01.b017_030418-135843_nginx_addvhost.log
    -rw-r--r--.  1 root root  293 Apr  3 14:28 centminmod_123.09beta01.b017_030418-142825_git_updatecur_branch.log
    -rw-r--r--.  1 root root  293 Apr  3 14:47 centminmod_123.09beta01.b017_030418-144731_git_updatecur_branch.log
    -rw-r--r--.  1 root root 2.8K Apr  3 21:48 cmm-login-git-checks_030418-214811.log
    -rw-r--r--.  1 root root 2.8K Apr  3 22:28 cmm-login-git-checks_030418-222843.log
    -rw-r--r--.  1 root root 2.8K Apr  4 03:36 cmm-login-git-checks_040418-033605.log
    -rw-r--r--.  1 root root 2.8K Apr  4 15:10 cmm-login-git-checks_040418-151000.log
    drwxr-xr-x.  2 root root 4.0K Apr  4 16:18 .
    -rw-r--r--.  1 root root 2.8K Apr  4 16:18 cmm-login-git-checks_040418-161838.log
    drwxr-xr-x. 10 root root 4.0K Apr  4 16:24 ..
    [16:28][[email protected] ~]# ls -lahrt /root/centminlogs
    total 7.5M
    -rw-r--r--.  1 root root  16K Apr  3 13:26 centminmod_123.09beta01.b017_030418-132516_yuminstall_centos7.log
    -rw-r--r--.  1 root root  16K Apr  3 13:26 centminmod_yumtimes_030418-132516.log
    -rw-r--r--.  1 root root   37 Apr  3 13:26 centminmod_profiletimes_030418-132516.log
    -rw-r--r--.  1 root root 2.2K Apr  3 13:26 cmm-login-git-checks_030418-132617.log
    -rw-r--r--.  1 root root  81K Apr  3 13:26 centminmod_downloadtimes_030418-132516.log
    -rw-r--r--.  1 root root 1.3K Apr  3 13:26 securedtmp.log
    -rw-r--r--.  1 root root    0 Apr  3 13:26 patch_opensslpatches_030418-132516.log
    -rw-r--r--.  1 root root   45 Apr  3 13:30 centminmod_opensslinstalltime_030418-132516.log
    -rw-r--r--.  1 root root    8 Apr  3 13:31 patch_patchnginx_030418-132516.log
    -rw-r--r--.  1 root root 1.9K Apr  3 13:31 gcc_native.log
    -rw-r--r--.  1 root root 1.5K Apr  3 13:31 nginx-configure-030418-132516.log
    -rw-r--r--.  1 root root 2.7M Apr  3 13:37 centminmod_ngxinstalltime_030418-132516.log
    -rw-r--r--.  1 root root 9.4K Apr  3 13:39 setio_innodbstatus-before-030418-133941.log
    -rw-r--r--.  1 root root  783 Apr  3 13:39 centminmod_setio_030418-133941.log
    -rw-r--r--.  1 root root 9.4K Apr  3 13:39 setio_innodbstatus-after-030418-133941.log
    -rw-r--r--.  1 root root   58 Apr  3 13:49 centminmod_phpinstalltime_030418-132516.log
    -rw-r--r--.  1 root root  476 Apr  3 13:49 zendopcache_passfile.txt
    -rw-r--r--.  1 root root  27K Apr  3 13:54 centminmod_123.09beta01.b017_030418-132516_yum-log.log
    -rw-r--r--.  1 root root  125 Apr  3 13:54 install.utc.time.log
    -rw-r--r--.  1 root root 4.5M Apr  3 13:54 centminmod_123.09beta01.b017_030418-132516_install.log
    -rw-r--r--.  1 root root   19 Apr  3 13:54 getcmtime_installtime_030418-131712.log
    -rw-r--r--.  1 root root   56 Apr  3 13:54 firstyum_installtime_030418-131712.log
    -rw-r--r--.  1 root root  809 Apr  3 13:54 install_time_stats_030418-131712.log
    -rw-r--r--.  1 root root 6.5K Apr  3 13:54 sar-u-installstats.log
    -rw-r--r--.  1 root root 5.8K Apr  3 13:54 sar-q-installstats.log
    -rw-r--r--.  1 root root 9.0K Apr  3 13:54 sar-r-installstats.log
    -rw-r--r--.  1 root root  16K Apr  3 13:54 sar-d-installstats.log
    -rw-r--r--.  1 root root 5.1K Apr  3 13:54 sar-b-installstats.log
    -rw-r--r--.  1 root root 4.4K Apr  3 13:54 yum-timedhosts.txt
    -rw-r--r--.  1 root root 1.3K Apr  3 14:02 centminmod_123.09beta01.b017_030418-135843_nginx_addvhost-remove-cmds-usa2eg.com.log
    -rw-r--r--.  1 root root  15K Apr  3 14:02 centminmod_123.09beta01.b017_030418-135843_nginx_addvhost.log
    -rw-r--r--.  1 root root  293 Apr  3 14:28 centminmod_123.09beta01.b017_030418-142825_git_updatecur_branch.log
    -rw-r--r--.  1 root root  293 Apr  3 14:47 centminmod_123.09beta01.b017_030418-144731_git_updatecur_branch.log
    -rw-r--r--.  1 root root 2.8K Apr  3 21:48 cmm-login-git-checks_030418-214811.log
    -rw-r--r--.  1 root root 2.8K Apr  3 22:28 cmm-login-git-checks_030418-222843.log
    -rw-r--r--.  1 root root 2.8K Apr  4 03:36 cmm-login-git-checks_040418-033605.log
    -rw-r--r--.  1 root root 2.8K Apr  4 15:10 cmm-login-git-checks_040418-151000.log
    drwxr-xr-x.  2 root root 4.0K Apr  4 16:18 .
    -rw-r--r--.  1 root root 2.8K Apr  4 16:18 cmm-login-git-checks_040418-161838.log
    drwxr-xr-x. 10 root root 4.0K Apr  4 16:24 ..
    
    Code:
    grep acme /var/log/cron* | sed -e "s|$(hostname -s)|host|g"
    no results
    Code:
    [16:39][[email protected] ~]# echo y | /usr/local/src/centminmod/addons/acmetool.sh checkdates
    
    -------------------------------------------------
    acmetool.sh is in beta testing phase
    please read & provide bug reports &
    feedback for this tool via the forums
    https://centminmod.com/acmetool
    -------------------------------------------------
    
    Code:
    [16:40][[email protected] ~]# "/root/.acme.sh"/acme.sh --cron --home "/root/.acme.sh"
    -bash: /root/.acme.sh/acme.sh: No such file or directory
    
    Code:
    [16:40][[email protected] ~]# echo | openssl s_client -connect usa2eg.com:443
    
    CONNECTED(00000003)
    depth=0 C = US, ST = California, L = Los Angeles, O = usa2eg.com, OU = usa2eg.com, CN = usa2eg.com
    verify error:num=18:self signed certificate
    verify return:1
    depth=0 C = US, ST = California, L = Los Angeles, O = usa2eg.com, OU = usa2eg.com, CN = usa2eg.com
    verify return:1
    ---
    Certificate chain
     0 s:/C=US/ST=California/L=Los Angeles/O=usa2eg.com/OU=usa2eg.com/CN=usa2eg.com
       i:/C=US/ST=California/L=Los Angeles/O=usa2eg.com/OU=usa2eg.com/CN=usa2eg.com
    ---
    Server certificate
    -----BEGIN CERTIFICATE-----
    MIIDbDCCAlQCCQC15qx3gdOSezANBgkqhkiG9w0BAQsFADB3MQswCQYDVQQGEwJV
    UzETMBEGA1UECAwKQ2FsaWZvcm5pYTEUMBIGA1UEBwwLTG9zIEFuZ2VsZXMxEzAR
    BgNVBAoMCnVzYTJlZy5jb20xEzARBgNVBAsMCnVzYTJlZy5jb20xEzARBgNVBAMM
    CnVzYTJlZy5jb20wIBcNMTgwNDAzMTQwMTAyWhgPMjExODAzMTAxNDAxMDJaMHcx
    CzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQHDAtMb3Mg
    QW5nZWxlczETMBEGA1UECgwKdXNhMmVnLmNvbTETMBEGA1UECwwKdXNhMmVnLmNv
    bTETMBEGA1UEAwwKdXNhMmVnLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
    AQoCggEBANK/O0zoMlQabx2EvCwVmr26Mc6H6jM5WCEZd7iC2bawRpCbdQjD9Quh
    A89Vnggjgk5rMTQ88FKEV/8FTGd8X+7XDvYOkiI324a3mmrQWzN0J94W9XUrux9r
    kIY4Xz1PERtSUmwP9Bu4dpgxvbtbkVzlObjnlOTIhzZFyKF/hoGIc384c8qmxZj2
    vS1+ju7yb2QmsAwuG9kXX30rz/4ZAfueURzOWiSxKigYzakwCJHD1zNMT6v6FdAl
    FJKbY3ilAz3g+WzbG7EUdcOiF8RvrT6KgwOuxMRH4m7qfOUPzaWPvFKRij4w4f8L
    Nb6dONrDuBBmQuyAecZ09ro97ybxJMkCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEA
    ac80WUHWMybYZZi3EucgQoQkZQDOBPo8lX2ImQdUbrR4FvlgWUoCPCNhDWIoCpAM
    ci6idKw0oxe1cxDHS6ra0n+vHu1aohuEgpIxFjN/9W871mDnwHITkIEOWbR5SGc0
    9k/ANItT5BWvcFpusl+QvFDp+M63sp1Rgt2q3Xyd/EW8YRtJZs6Gelxp7noglpDU
    aQoHx36YgtRgGk3OX5RtTmEKx9zgsmt70U7uhKngRoknS4qO6t1ehQF8rFVKxcPf
    TH8GA3KueJwKjRp4zsbSkigSpooFgHPmptFnt8Z6Wfu0TAvr3Y3iRLKLoihrNHUT
    3vOmV0e/Ld3HGin85a+PUw==
    -----END CERTIFICATE-----
    subject=/C=US/ST=California/L=Los Angeles/O=usa2eg.com/OU=usa2eg.com/CN=usa2eg.com
    issuer=/C=US/ST=California/L=Los Angeles/O=usa2eg.com/OU=usa2eg.com/CN=usa2eg.com
    ---
    No client certificate CA names sent
    Peer signing digest: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    ---
    SSL handshake has read 1550 bytes and written 415 bytes
    ---
    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
        Protocol  : TLSv1.2
        Cipher    : ECDHE-RSA-AES128-GCM-SHA256
        Session-ID: 1E8A56541C638567A59829D02FFC7AAD59F9AB620D13B2B7C9B8EC0ACEAF2E74
        Session-ID-ctx:
        Master-Key: 0F874E68CC8B5CC5F278601ABDBF8A9EFFA21D3FFC9CD1010384F4D5080C7254CA5BD98C0570BAA9CBFF8EB5ECAB5FCC
        Key-Arg   : None
        Krb5 Principal: None
        PSK identity: None
        PSK identity hint: None
        TLS session ticket lifetime hint: 3600 (seconds)
        TLS session ticket:
        0000 - 71 6b 6e 71 2b 99 48 ac-9b 52 1a da 9e 28 94 ec   qknq+.H..R...(..
        0010 - c9 dc 5f 50 04 23 94 fa-0e 9c bc 9f 40 ca 42 3b   .._P.#[email protected];
        0020 - f0 30 8a ed fb 0e d9 50-12 ae fb 1e 73 b9 6d f2   .0.....P....s.m.
        0030 - ea bc 06 3d 93 53 80 8a-9c 01 ab 5c 7a 4a 20 c0   ...=.S.....\zJ .
        0040 - db 6f 0c 2d 61 77 3b 51-7e 9b da 77 87 ab a8 4a   .o.-aw;Q~..w...J
        0050 - 8a 50 bc 4b d7 f6 bd aa-21 a7 72 3e b8 aa 97 b0   .P.K....!.r>....
        0060 - ce fe cc 61 29 ba 68 5e-69 20 57 a8 ef d2 0c b0   ...a).h^i W.....
        0070 - 8b 51 b7 82 27 c5 4f 21-f8 11 5d 5a 64 c7 0c 82   .Q..'.O!..]Zd...
        0080 - 3d ad e8 4c f5 52 9e 6e-1e a2 6c ab ed 44 39 e5   =..L.R.n..l..D9.
        0090 - df 70 64 7f 7a 71 c5 5e-f8 ee a4 3d 34 f3 0b 9b   .pd.zq.^...=4...
        00a0 - a7 28 e1 67 c8 57 51 df-98 25 30 c7 28 aa ce 17   .(.g.WQ..%0.(...
    
        Start Time: 1522860073
        Timeout   : 300 (sec)
        Verify return code: 18 (self signed certificate)
    ---
    DONE
    
     
    Last edited: Apr 5, 2018
  5. eva2000

    eva2000 Administrator Staff Member

    36,422
    7,994
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,308
    Local Time:
    9:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    You never enabled and installed acme.sh as outlined at Letsencrypt - Official acmetool.sh testing thread for Centmin Mod 123.09beta01 and /or at Using Centmin Mod acmetool.sh addon for Nginx HTTP/2 based HTTPS with free Letsencrypt SSL certificates. Without enable LETSENCRYPT_DETECT='y', you won't get to use letsencrypt ssl certificates in addons/acmetool.sh or via centmin.sh menu options 2, 22 or nv commands. And only get the self signed untrusted test SSL certificates.

     
  6. gamal

    gamal Member

    38
    3
    8
    Jan 31, 2018
    Ratings:
    +3
    Local Time:
    9:53 PM
    1.13.8
    ok i have done that now, any further steps cause the website still not working ??
     
  7. eva2000

    eva2000 Administrator Staff Member

    36,422
    7,994
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,308
    Local Time:
    9:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    After install acme.sh, you still need to issue a valid letsencrypt ssl certificate which you may be able to do using migrating existing vhost to letsencrypt ssl guide at Migrating Existing Nginx Vhost From HTTP to HTTP/2 based HTTPS With Letsencrypt SSL Certificates

    But if you're VPS is disposable, easiest thing to do is start with fresh CentOS 7 64bit OS and install centmin mod 123.09beta01 again but this time BEFORE creating vhost, make sure set in persistent config file /etc/centminmod/custom_config.inc variable LETSENCRYPT_DETECT='y' first and then create nginx vhost via centmin.sh menu option 2, 22 or nv command as outlined at Nginx Vhost & NSD DNS Setup - CentminMod.com LEMP Nginx web stack for CentOS
     
  8. gamal

    gamal Member

    38
    3
    8
    Jan 31, 2018
    Ratings:
    +3
    Local Time:
    9:53 PM
    1.13.8
    i run through the tutorial offered by you, migrating and everything is ok. i make a check on ssl checker and it seems pretty good:
    SSL Checker - SSL Certificate Verify

    but still the wordpress website is giving 500 error
     
  9. eva2000

    eva2000 Administrator Staff Member

    36,422
    7,994
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +12,308
    Local Time:
    9:53 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
..