SSL certificate issue in docker+seafile Where could I have modified something?


My seafile server was working fine, and I wasn’t paying much attention to it. However, somehow its certificate from letsencrypt expired.

I turned it how, and back again, the usual fix I know for computer issues, but now my server won’t run

When I % sudo docker logs -f seafile
I obtain

*** Running /etc/my_init.d/…
*** Booting runit daemon…
*** Runit started as PID 23
*** Running /scripts/…
nginx: [emerg] PEM_read_bio_X509_AUX("/shared/ssl/mysitename.crt") failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE)

this error repeated many times.

I think I know what the error I made was. Somehow, I had forbidden the use of http without s, which forbade letsencrypt from doing its job properly

Any idea where I could have done that it the configuration files?

The problem was my firewall, preventing lets encrypt to do its job for renewal, and docker-compose would not recreate certificates a priori. So disable the firewall momentarily, rename the ssl /nginx folders, run docker-compose, and then after 15 mins say, re-enable the firewall. To be done every few months for certificate renewals.

Do you have both ports 80 and 443 open for Let’s Encrypt to use? It seems inconvenient to have to manually open the firewall every three months for certificate renewal.