Where is the ssl certificate located in new ee4 installation?


#1

I want to change ssl certificate from letsencrypt to one provided by cloudflare. My site is currently down. Please help me location ssl certificate path in new easyengine4


#2

/opt/easyengine/services/nginx-proxy/certs/

When you put your cloudflare certs you’ll need to match the file name / structure as the certs folder has now


#3

I finally found the issue. I think its the issue with nginx configuration file at /opt/easyengine/services/nginx-proxy/conf.d/domain.com-redirect.conf , where domain.com is y domain name.
Here you have the following code

server {
        listen  443;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
        ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:$
        ssl_prefer_server_ciphers on;
        ssl_session_timeout 5m;
        ssl_session_cache shared:SSL:50m;
        ssl_session_tickets off;
        ssl_certificate /etc/nginx/certs/domain.com.crt;
        ssl_certificate_key /etc/nginx/certs/domain.com.key;
        server_name  www.domain.com;
        return  301 https://domain.com$request_uri;
}

``
I had to comment out the last line. Because , you dont need redirection when its port 443, or https. 
Guys, fix this configuration file or more people will get confused.

#4

My previous post is hidden by akismet… so, check it guys. Let me clarify the issue here itself.
you have redirection code at /opt/easyengine/services/nginx-proxy/conf.d/domain.com-redirect.conf
You should have redirection only from http to https. But you also have added redirection from https to https. Which is causing redirection loop. I commented out the last line for ssl, where you have added redirection and it works fine now .


#5

I have submitted a pull request here : https://github.com/EasyEngine/easyengine/pull/1337


#6

@muralikumar As @mriyam.tamuli said on PR the redirection is not from https -> https. It is redirection from www.example.com -> example.com. Which is necessary. If you want to have a site with www in it, you need to add it in the name while creating site - i.e. ee site create www.example.com


#7

Okay. for me i had to comment out that line to stop redirection loop…


#8
server_name  www.healthywomenguide.com;
return  301 https://healthywomenguide.com$request_uri;

EasyEngine is only doing this redirection. You mention using Cloudflare SSL. If you’ve set Cloudflare also to redirect https://healthywomenguide.com to https://www.healthywomenguide.com I guess then, there would be a redirection loop.

Anyways, it’s great that your issue is resolved. :slight_smile:


#9