Discussion NET::ERR_CERT_AUTHORITY_INVALID when accessing apps.

Assists Greatly with Development Costs

tmyers07

Junior Member
Original poster
Local time
2:21 PM
Jun 28, 2018
3
0
PG Version
8.3.7
Server Type
Local - Virtual Machine
For a few weeks now, when I access my various apps, they all show the certificate as being invalid. I use Cloudflare as the provider. I have redeployed Traefik multiple times and the reverse proxy works with all apps with no issues, it's just I don't get the secure HTTPS connection. I have removed and re-added the domain to Cloudflare, regenerated the API key, verified 80 and 443 are port forwarded to the plexguide server, and I cannot seem to resolve the issue. I have tried multiple browsers, cleared cache, etc. Any help would be greatly appreciated. When I click on the cert in the browser, it does show this:
NET::ERR_CERT_AUTHORITY_INVALID
Subject: TRAEFIK DEFAULT CERT
Issuer: TRAEFIK DEFAULT CERT
Expires on: Feb 1, 2020
Current date: Feb 1, 2019
 

Attachments

Haulien

Noob
Local time
3:21 AM
Jan 24, 2019
1
0
For a few weeks now, when I access my various apps, they all show the certificate as being invalid. I use Cloudflare as the provider. I have redeployed Traefik multiple times and the reverse proxy works with all apps with no issues, it's just I don't get the secure HTTPS connection. I have removed and re-added the domain to Cloudflare, regenerated the API key, verified 80 and 443 are port forwarded to the plexguide server, and I cannot seem to resolve the issue. I have tried multiple browsers, cleared cache, etc. Any help would be greatly appreciated. When I click on the cert in the browser, it does show this:
NET::ERR_CERT_AUTHORITY_INVALID
Subject: TRAEFIK DEFAULT CERT
Issuer: TRAEFIK DEFAULT CERT
Expires on: Feb 1, 2020
Current date: Feb 1, 2019
I'm having much the same issue however with google cloud dns, not cloudflare. Generating a cert manually with certbot seems to work without issue.

EDIT: got mine fixed. Bad config on my part! Likely unrelated to OPs
 
Last edited:
S

subse7en

Guest
Enable cloudflare ssl,
Disable page caching in cloudflare settings

Run sudo docker logs -f traefik and see if there's an error with the acme.json permissions, if so fix and restart
 
  • Like
Reactions: Admin9705

mondychan

Junior Member
Local time
8:21 PM
Oct 26, 2018
8
9
Enable cloudflare ssl,
Disable page caching in cloudflare settings

Run sudo docker logs -f traefik and see if there's an error with the acme.json permissions, if so fix and restart
+1, after viewing the logs i found out my acme.json had wrong permissions for traefik to work

level=error msg="Unable to add ACME provider to the providers list: unable to get ACME account : permissions 775 for /etc/traefik/acme/acme.json are too open, please use 600"

so i simply changed the permission of /opt/appdata/traefik/acme/acme.json to 600 , restarted the traefik container, and whoala, fixed
 

hooper

Legendary Member
Staff
Donor
Local time
11:21 AM
Aug 1, 2018
310
116

tmyers07

Junior Member
Original poster
Local time
2:21 PM
Jun 28, 2018
3
0
I had this same permission issue with acme.json, I posted about it here https://plexguide.com/threads/lets-encrypt.3354/#post-19502

wondering if this chmod command could just be added to PG to fix this issue going forward.
I had this same permission issue with acme.json, I posted about it here https://plexguide.com/threads/lets-encrypt.3354/#post-19502

wondering if this chmod command could just be added to PG to fix this issue going forward.
This was the fix. It definitely had the issue with permissions on the acme.json file. As stated above, changed it to 600, restarted Traefik, and was good to go. I'm not sure how it would have been changed, or if perhaps it should be set to that as part of the PG installation. I'll leave that to the team. Thank you very much for the help!
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.


Maintenance Donations

Recommend NewsGroups

      Up To a 58% Discount!

Trending