Join the community today
Become a Member

SSL Cloudflare Sysadmin What's the best practice to set up a new server restored from snapshot of another server?

Discussion in 'System Administration' started by modder, May 16, 2021.

  1. modder

    modder Member

    53
    9
    8
    Dec 6, 2019
    Ratings:
    +12
    Local Time:
    11:04 AM
    I want to build a new server (B) by restoring a snapshot from another server (A) with different domain name.

    For server A, I have xenforo with latest centminmod. ssh port changed to say, 3030, by option 16 in centmin menu.

    Currently this is what I do to build server B from the snapshot of server A:

    1) restore the snapshot to server B and I can SSH to it with the same credentials as in server A

    2) in Cloudflare, everything is the same as server A except hostname and IP address, etc.

    3) in Cloudflare, I create cert/key in Original Server, then I update those cert/key in the server by the following commands:

    Code:
    # cat> *crt
    (the generated crt)
    CTL-D
    # cat > *key
    (the generated key)
    CTL-D
    4) Then I changed server name in the following two parts:

    Code:
    server {
          listen   80;
          server_name mydomain.com www.mydomain.com;
          return 302 https://$server_name$request_uri;
    }
    
    server {
      listen 443 ssl http2 reuseport;
      server_name mydomain.com www.mydomain.com;
    5) # ngxrestart

    Done. I should be able to see the same website running with my new domain name.

    Does it cover everything? I use this method to create some other websites without problem, but this time, I got the following error when loading the new site:

    400 Bad Request
    No required SSL certificate was sent



    Can find a clue for that..
     
    Last edited: May 16, 2021
  2. eva2000

    eva2000 Administrator Staff Member

    47,292
    10,700
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,625
    Local Time:
    1:04 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Are you using Cloudflare Authenticated Origin Pull certs?
     
  3. modder

    modder Member

    53
    9
    8
    Dec 6, 2019
    Ratings:
    +12
    Local Time:
    11:04 AM
    Oh yeah. I didn't turn this option on in Cloudflare new server settings. Thanks.
     
  4. eva2000

    eva2000 Administrator Staff Member

    47,292
    10,700
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,625
    Local Time:
    1:04 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Ah ha ! :D
     
  5. AHTOLLlKA

    AHTOLLlKA New Member

    22
    2
    3
    Dec 1, 2017
    Ratings:
    +6
    Local Time:
    6:04 AM