meteor-up icon indicating copy to clipboard operation
meteor-up copied to clipboard

Published 20 hours ago verified publisher icon zodern

HTTPS error

Open engenheiro opened this issue 3 years ago • 3 comments

Mup version (mup --version): 1.5.5

Mup config

{
  "servers": {
    "one": {
      "host": "1.2.3.4",
      "username": "root",
      "password": "password"
    }
  },
  "app": {
    "name": "my-app",
    "path": "../",
    "servers": {
      "one": {}
    },
    "buildOptions": {
      "serverOnly": true,
      "buildLocation": "C:\\Users\\Rodrigo\\AppData\\Local\\Temp\\mup-meteor-1b24df95-00bb-435c-9a5b-4a736bda5aa4",
      "cleanBuildLocation": true
    },
    "env": {
      "ROOT_URL": "https://subdomain.subdomain.host.com",
      "MONGO_URL": "mongodb://mongodb:27017/my-app",
      "MONGO_OPLOG_URL": "mongodb://mongodb/local",
      "VIRTUAL_HOST": "subdomain.subdomain.host.com",
      "HTTPS_METHOD": "noredirect",
      "LETSENCRYPT_HOST": "subdomain.subdomain.host.com",
      "LETSENCRYPT_EMAIL": "[email protected]",
      "VIRTUAL_PORT": 3000,
      "HTTP_FORWARDED_COUNT": 1
    },
    "docker": {
      "image": "zodern/meteor:root",
      "stopAppDuringPrepareBundle": true,
      "imagePort": 3000,
      "args": [
        "--link=mongodb:mongodb"
      ]
    },
    "enableUploadProgressBar": true,
    "type": "meteor"
  },
  "mongo": {
    "version": "3.4.1",
    "servers": {
      "one": {}
    },
    "dbName": "viajepark"
  },
  "proxy": {
    "domains": "subdomain.subdomain.host.com",
    "ssl": {
      "letsEncryptEmail": "[email protected]"
    }
  }

Output of command

HTTPS ERROR:

NET::ERR_CERT_AUTHORITY_INVALID

OBS.: I tried several times. I changed server, domain, different versions of Meteor and even the MUP and it always returned the same HTTPS certification error. I even tried to upload a new project that had worked with the same settings and the error persisted.

engenheiro avatar Feb 06 '22 18:02 engenheiro

I'm not sure if this is the same problem Clicking on the warning triangle I get this image

and then clicking on the "Certificate is not valid" I get

image

Your mup file looks similar to mine, except I don't have ENV vars for LETSENCRYPT_HOST and _EMAIL and I do have

    shared: {
      env: {
        DEFAULT_HOST: 'app.settleeasy.com',
      },
    },

in the proxy section

So it looks like the cert is being generated using a root certificate which is not valid. Not sure how to change this.

I tried upgrading to mup 1.5.7 and stopping it and doing a mup setup again without success

mikkelking avatar Feb 18 '22 07:02 mikkelking

False alarm. It turns out that the IP Address of one of the domains listed was not pointing to this server. Once I corrected that mistake and did a mup reconfig then it all came good.

A bit of an obscure issue, I wonder if an error could be generated somewhere along the line, because the "invalid root certificate" was a real red herring.

mikkelking avatar Feb 18 '22 22:02 mikkelking

In case others hit these issues, use this command for troubleshooting:

mup proxy logs-le

It helps find issues with certificate generation/verification.

matt-dale avatar Mar 30 '22 14:03 matt-dale