Trying to Setup SSL (again) on Ghost using LetsEncrypt / bncert-tool

Keywords: Ghost - Virtual Machines - Technical issue - Secure Connections (SSL/HTTPS)
bnsupport ID: eef1e64b-7e50-8b7b-b2f2-646ca168a7bd
Description:
I was getting errors with my letsencrypt SSL and I’m trying to re-run the bncert-tool but am getting these errors:

Syntax error on line 73 of /opt/bitnami/apache2/conf/bitnami/bitnami.co nf:
SSLCertificateFile: file ‘/opt/bitnami/apache2/conf/server.crt’ does not exist o r is empty

while troubleshooting this I ended up deleting the Certificate Renewal commands in ChronTab . I’m just trying to reset this up clean to see if I can get it to work. Thx.

Hi @isaac1,

It seems the Apache’s configuration are not using the correct certificate files, did you modify the configuration lately? Please edit the /opt/bitnami/apache2/conf/bitnami/bitnami.conf file, update these lines

SSLCertificateFile "/opt/bitnami/apache2/conf/thebluedrift.com.crt"
SSLCertificateKeyFile "/opt/bitnami/apache2/conf/thebluedrift.com.key"

and restart Apache

sudo /opt/bitnami/ctlscript.sh restart apache

Please ensure Apache is working properly before running the Bitnami HTTPS configuration tool again to generate new certificates.

Thanks - yes - I had edited bitnami.conf trying to create dummy certs (probably did it wrong).

I’ve made the edits back to what you suggested.

When I restart Apache I still get a syntax error:

AH00526: Syntax error on line 14 of /opt/bitnami/apps/ghost/conf/httpd-vhosts.conf:
SSLCertificateFile: file '/opt/bitnami/apps/ghost/conf/certs/server.crt' does not exist or is empty
apache config test fails, aborting

FYI…this is what the httppd-vhosts.conf file looks like right now:

<VirtualHost *:80>
    ServerName thebluedrift.com
    ServerAlias www.thebluedrift.com
    DocumentRoot "/opt/bitnami/apps/ghost/htdocs"

    Include "/opt/bitnami/apps/ghost/conf/httpd-app.conf"
</VirtualHost>

<VirtualHost *:443>
    ServerName thebluedrift.com
    ServerAlias www.thebluedrift.com
    DocumentRoot "/opt/bitnami/apps/ghost/htdocs"
    SSLEngine on
    SSLCertificateFile "/opt/bitnami/apps/ghost/conf/certs/server.crt"
    SSLCertificateKeyFile "/opt/bitnami/apps/ghost/conf/certs/server.key"

    Include "/opt/bitnami/apps/ghost/conf/httpd-app.conf"
</VirtualHost>

Sorry, here is a better view of what the httpd-vhosts.conf looks like:

Hi @isaac1,

You also need to update the SSLCertificate lines in the httpd-vhosts.conf to look like this

    SSLCertificateFile "/opt/bitnami/apache2/conf/thebluedrift.com.crt"
    SSLCertificateKeyFile "/opt/bitnami/apache2/conf/thebluedrift.com.key"

Once you restart Apache, you shouldn’t receive any error

Thanks for the suggestion. I just updated the SSL certificate lines in httpd-vhosts.conf and restarted but got similar error:

Hi @isaac1,

The path you set is wrong. You are using

    SSLCertificateFile "/opt/bitnami/apps/ghost/conf/certs/thebluedrift.com.crt"
    SSLCertificateKeyFile "/opt/bitnami/apps/ghost/conf/certs/thebluedrift.com.key"

when I told you to use

    SSLCertificateFile "/opt/bitnami/apache2/conf/thebluedrift.com.crt"
    SSLCertificateKeyFile "/opt/bitnami/apache2/conf/thebluedrift.com.key"

The SSL certificates are inside the /opt/bitnami/apache2/conf/ folder.

Happy to help!


Was my answer helpful? Click on :heart:

1 Like

OK, thanks! That was definitely my mistake and that is now fixed.
No more Apache Syntax Errors on restart. Great.

Now, the problem is that: thebluedrift.com isn’t resolving properly.

https://thebluedrift.com/ is taking me to the “You just installed Ghost using Bitnami” screen?

It only resolves properly when I add “www” (https://www.thebluedrift.com/)

I’m also noticing that the images are not displaying on the main page?

Hi @isaac1,

The Bitnami HTTPS configuration tool modifies the default ServerName in the Apache’s configuration. Let’s try to recover the previous value so the requests use your custom virtual host when using your www and non-www domains. You will need to edit the /opt/bitnami/apache2/conf/httpd.conf file and set the ServerName like this

ServerName localhost:80

After that, restart Apache and access your application again

sudo /opt/bitnami/ctlscript.sh restart apache

If you continue running into the same error, please run the Bitnami Support tool again.

https://docs.bitnami.com/general/how-to/understand-bnsupport/

Thanks! So that sort of worked.
thebluedrift.com” is resolving to the correct page now without any errors.
But, not its not HTTPS…its just “thebluedrift.com” instead of “https://thebluedrift.com

Should I rerun the bncert-tool again?

Hi @isaac1,

Please run the Bitnami support tool again so we get updated information about your configuration and logs.

https://docs.bitnami.com/general/how-to/understand-bnsupport/

Thanks

Here you go:

f3412e26-407f-ef64-12cf-d9dce05db096

Hi @isaac1,

You need to add the Rewrite rules in the /opt/bitnami/apps/ghost/conf/httpd-vhosts.conf file too. The Bitnami HTTPS configuration tool takes care of modifying the default virtual host, not the custom ones. You can take a look at /opt/bitnami/apache2/conf/bitnami/bitnami.conf to copy the lines.

However, I do not see any other application running in the server, so you do not need a custom virtual host. I think you can disable the virtual host in the /opt/bitnami/apache2/conf/bitnami/bitnami-apps-vhosts.conf file and enable the prefix one again in the /opt/bitnami/apache2/conf/bitnami/bitnami-apps-prefix.conf

# Bitnami applications installed in a prefix URL
Include "/opt/bitnami/apps/letsencrypt/conf/httpd-prefix.conf"
Include "/opt/bitnami/apps/ghost/conf/httpd-prefix.conf"

Once you restart Apache, your site should work properly

sudo /opt/bitnami/ctlscript.sh restart apache

Happy to help!


Was my answer helpful? Click on :heart:

1 Like

Thanks for your help! This should do it!

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.