Where is the ssl certificate located in new ee4 installation?

muralikumar · December 4, 2018, 6:21pm

I want to change ssl certificate from letsencrypt to one provided by cloudflare. My site is currently down. Please help me location ssl certificate path in new easyengine4

msarhan · December 4, 2018, 8:53pm

/opt/easyengine/services/nginx-proxy/certs/

When you put your cloudflare certs you’ll need to match the file name / structure as the certs folder has now

muralikumar · December 5, 2018, 4:20am

I finally found the issue. I think its the issue with nginx configuration file at /opt/easyengine/services/nginx-proxy/conf.d/domain.com-redirect.conf , where domain.com is y domain name.
Here you have the following code

server {
        listen  443;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:$
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate /etc/nginx/certs/domain.com.crt;
        ssl_certificate_key /etc/nginx/certs/domain.com.key;
        server_name  www.domain.com;
        return  301 https://domain.com$request_uri;
}

``
I had to comment out the last line. Because , you dont need redirection when its port 443, or https. 
Guys, fix this configuration file or more people will get confused.

muralikumar · December 5, 2018, 4:23am

My previous post is hidden by akismet… so, check it guys. Let me clarify the issue here itself.
you have redirection code at /opt/easyengine/services/nginx-proxy/conf.d/domain.com-redirect.conf
You should have redirection only from http to https. But you also have added redirection from https to https. Which is causing redirection loop. I commented out the last line for ssl, where you have added redirection and it works fine now .

muralikumar · December 5, 2018, 4:40am

I have submitted a pull request here : https://github.com/EasyEngine/easyengine/pull/1337

kirtan · December 5, 2018, 5:37am

@muralikumar As @mriyam.tamuli said on PR the redirection is not from https -> https. It is redirection from www.example.com -> example.com. Which is necessary. If you want to have a site with www in it, you need to add it in the name while creating site - i.e. ee site create www.example.com

muralikumar · December 5, 2018, 6:41am

Okay. for me i had to comment out that line to stop redirection loop…

mriyam.tamuli · December 5, 2018, 6:44am

server_name www.example.com;
return  301 https://example.com$request_uri;

EasyEngine is only doing this redirection. You mention using Cloudflare SSL. If you’ve set Cloudflare also to redirect https://example.com to https://www.example.com I guess then, there would be a redirection loop.

Anyways, it’s great that your issue is resolved.

mriyam.tamuli · December 5, 2018, 6:44am