Aha!
So when froxlor is handling the certs, it has the individual cert,
chain, key, CA files.
I compared to my certs that I'd done with certbot directly and
realized that I was giving ASSP the pure chain file, not a combined
cert + chain file.
I should have thought of that before since I have several other
programs that require the combined one (and auto generate the pems for
them). Since the root VPS domain isn't a "hosted" domain, it wasn't
getting the full pem generated like the other domains.
I updated it, generated the full chain pem, and now ASSP is happy with
that one.
Thanks for all the help guys!
Now I just need to get everything else tweaked..haha
Mark II
----- Message from "William L. Thomson Jr." <[email protected]> ---------
Date: Thu, 28 Dec 2017 10:41:47 -0500
From: "William L. Thomson Jr." <[email protected]>
Reply-To: For Users of ASSP <[email protected]>
Subject: Re: [Assp-user] Problems getting TLS working
To: [email protected]
On Wed, 27 Dec 2017 00:26:33 +0000
Mark D Montgomery II <[email protected]> wrote:
Ok, so it SHOULD work.
In SSL Proxy and TLS Settings:
DoTLS: do TLS
SSLCertFile: /etc/ssl/froxlor-custom/mydomain_chain.pem
SSLKeyFile: /etc/ssl/froxlor-custom/mydomain.key
SSLCAFile: /etc/ssl/froxlor-custom/mydomain_CA.pem
Not sure which your using. Let's Encrypt filenames are fullchain.pem
and privkey.pem. Those should be the only two you need. Point
SSLCertFile to fullchain.pem and SSLKeyFile to privkey.pem. The
SSLCAFile should not be necessary. Leave that blank. That maybe what is
causing your problem now. Could try removing that first.
Otherwise if you modified the files from Let's Encrypt at all, do not.
They are good to go as they come from them.
--
William L. Thomson Jr.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
----- End message from "William L. Thomson Jr." <[email protected]> -----
--
Mark D Montgomery II
[email protected]
https://www.techiem2.net
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
