Want to subscribe to topics you're interested in?
Become a Member

SSL error:2006D080

Discussion in 'Domains, DNS, Email & SSL Certificates' started by gamal, Apr 4, 2019.

Tags:
  1. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    Hello,

    i was trying to restart nginx when i realized that there is an issue for one of my domains. it seems that the option 22 didn't create some crt files..

    here is my error

    Code:
    nginx -t
    
    nginx: [emerg] SSL_CTX_load_verify_locations("/usr/local/nginx/conf/ssl/http2.wasfitnet.com/http2.wasfitnet.com-trusted.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/nginx/conf/ssl/http2.wasfitnet.com/http2.wasfitnet.com-trusted.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib)
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
    
    
     
  2. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    when was centmin.sh menu option 22 wordpress site created ?

    Troubleshooting Centmin Mod Menu Option 22 Wordpress Install Run



    To troubleshoot centmin.sh menu option 22 wordpress installation, you need to check the centmin.sh menu option 22 log located in /root/centminlogs at /root/centminlogs/centminmod_*_wordpress_addvhost.log based log where * is the centminmod version and date timestamp. Edit and mask any actual ftp username/password or wordpress usernames and logins before posting the log contents to Pastebin.com or Gists to share a sanitised version of the contents of the log.

    Example list /root/centminlogs files in date ascending order and grep for wordpress_addvhost.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep wordpress_addvhost.log
    

    example output returns log at /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    Code (Text):
    ls -lahrt /root/centminlogs | grep wordpress_addvhost.log
    -rw-r--r--  1 root root 2.2M Oct 11 01:40 /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    

    in SSH use cat to ouput contents of /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log. Clear your SSH client window/buffer so only output is the contents of the file
    Code (Text):
    cat /root/centminlogs/centminmod_1.2.3-eva2000.09.001_111016-112321_wordpress_addvhost.log
    

    Then copy and paste into Pastebin.com or Gists entry. If your SSH window scroll buffer isn't that large to get the whole contents of the install log, you can download file manually and copy and paste contents. But makes sure it's sanitised version of the contents without revealing sensitive info. For example you can replace domain name of the wordpress site with generic dummy entry = domain.com if you want and mask site/server IP revealed in the log with generic dummy entry = 111.222.333.444.
     
  3. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    ****
     
    Last edited by a moderator: Apr 5, 2019
  4. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    I removed the link, seems you didn't remove your username/passwords from it ? it was publicly available for a few hours so I'd be changing your wordpress username/passwords

    and also change your pure-ftpd username/password as outlined at https://centminmod.com/ftp.html

    also unrelated is your imagick php extension needs reinstalling, so run centmin.sh menu option 15
     
  5. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    As to letsencrypt cert if failed to issue/validate your domain and you have DNS issues - you are missing DNS A and if using IPv6 in nginx vhost you setup, also missing AAAA records for www version of your domain
    Code (Text):
    [Mon Mar 25 01:54:43 UTC 2019] Getting domain auth token for each domain
    [Mon Mar 25 01:54:45 UTC 2019] Getting webroot for domain='wasfitnet.com'
    [Mon Mar 25 01:54:45 UTC 2019] Getting webroot for domain='www.wasfitnet.com'
    [Mon Mar 25 01:54:45 UTC 2019] Verifying: wasfitnet.com
    [Mon Mar 25 01:54:48 UTC 2019] Success
    [Mon Mar 25 01:54:48 UTC 2019] Verifying: www.wasfitnet.com
    [Mon Mar 25 01:54:51 UTC 2019] www.wasfitnet.com:Verify error:dns :: DNS problem: NXDOMAIN looking up A for www.wasfitnet.com
    [Mon Mar 25 01:54:51 UTC 2019] Please check log file for more details: /root/centminlogs/acmetool.sh-debug-log-250319-014847.log
    LECHECK = 1
    

    if not using IPv6 listeners in nginx vhost, remove any AAAA IPv6 DNS records from your domain and www version of domain.

    then try acmetool.sh add reissue-only option
     
  6. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    i have removed the AAAA Record, and i run the reissue command, here is the result

    Code:
    wasfitnet.com nginx vhost doesn't already exist at
    /usr/local/nginx/conf/conf.d/wasfitnet.com.ssl.conf
    reissue-only command is for use with existing nginx HTTPS SSL based vhosts only
    aborting...
    [05:06][root@host1.3alamtaney.com addons]# ./acmetool.sh issue wasfitnet.com live
    
    
    so i tried the issue command not helping either, even removing the vhost with ssl command doesn't help

    Code:
    /root/tools/wp_uninstall_wasfitnet.com.sh
    
    Do you want to uninstall/delete WP install for wasfitnet.com
    This will delete all data from /home/nginx/domains/wasfitnet.com
    including any non-wordpress data installed at /home/nginx/domains/wasfitnet.com
    This script will NOT delete the database, you will have to manually remove the
    database named: wp2540810808db_15540
    Please backup your MySQL database called wp2540810808db_15540 before deleting
    -------------------------------------------------------------------------
    Uninstall WP Install For wasfitnet.com [y/n]: y
    
    Restarting nginx (via systemctl):  Job for nginx.service failed because the control process exited with error code. See "systemctl status nginx.service" and "journalctl -xe" for details.
    
    
     
  7. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    what's output for nginx config check now after removal of wordpress site
    Code (Text):
    nginx -t
     
  8. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    Code:
    nginx: [emerg] SSL_CTX_load_verify_locations("/usr/local/nginx/conf/ssl/http2.wasfitnet.com/http2.wasfitnet.com-trusted.crt") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/usr/local/nginx/conf/ssl/http2.wasfitnet.com/http2.wasfitnet.com-trusted.crt','r') error:2006D080:BIO routines:BIO_new_file:no such file error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib)
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
    You have new mail in /var/spool/mail/root
    
    
     
  9. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    that error is related to domain http2.wasfitnet.com, while the wordpress uninstall is related to wasfitnet.com so different nginx vhosts

    which are you trying to work with http2.wasfitnet.com or wasfitnet.com ?

    the error would be fixed with reissue-only for http2.wasfitnet.com and NOT wasfitnet.com
     
  10. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    i really don't know. for every nginx vhost i ever created i always use this format domainname.com.
    so i guess i want to work with wasfitnet.com
    where is the other one came from ?
     
  11. eva2000

    eva2000 Administrator Staff Member

    45,970
    10,442
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,203
    Local Time:
    10:27 AM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    you must of at one stage created http2.wasfitnet.com nginx vhost on the server which would have files at /home/nginx/domains/http2.wasfitnet.com/public - if there's nothing at that location then you can just remove the nginx vhost - when you created http2.wasfitnet.com, there would be a remove vhost log file created at /root/centminlogs which you can inspect to get exact commands to remove everything associated with http2.wasfitnet.com nginx vhost

    you can find the specific log doing a on the log directory
    Code (Text):
    ls -lahrt /root/centminlogs/ | grep http2.wasfitnet.com
    

    it should return the name of the file removal a log file like /root/centminlogs/centminmod_010419-091313_nginx_addvhost_nv-remove-cmds-http2.wasfitnet.com.log with the date timestamp and in that file it should contain the commands to run to remove everything associated with http2.wasfitnet.com nginx vhost
     
    Last edited: Apr 5, 2019
  12. gamal

    gamal Member

    97
    8
    8
    Jan 31, 2018
    Ratings:
    +11
    Local Time:
    10:27 AM
    1.13.8
    ok i have run all the commands inside this log file, Now it's working great.
    thx so much for help