So I have an old Ubuntu 16.04 server and I've recently installed let'sencrypt SSL. Before I used to use an SSL from Sectigo RSA and it worked perfectly but after I updated it to let's encrypt it's showing this error:
SSLError at /layers/geonode:test
("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
Request Method: GET
Request URL: https://x.com/layers/geonode:test
Django Version: 1.8.7
Exception Type: SSLError
Exception Value:
("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
Exception Location: /usr/local/lib/python2.7/dist-packages/requests/adapters.py in send, line 497
Python Executable: /usr/bin/uwsgi-core
Python Version: 2.7.12
Python Path:
['.',
'',
'/usr/lib/python2.7',
'/usr/lib/python2.7/plat-x86_64-linux-gnu',
'/usr/lib/python2.7/lib-tk',
'/usr/lib/python2.7/lib-old',
'/usr/lib/python2.7/lib-dynload',
'/root/.local/lib/python2.7/site-packages',
'/usr/local/lib/python2.7/dist-packages',
'/usr/lib/python2.7/dist-packages',
'/var/www/x/x']
Server time: Fri, 4 Aug 2023 19:30:56 +0600
I've tried updating the root ca-certificates with sudo apt install ca-certificates but it says:
ca-certificates is already the newest version (20210119~16.04.1).
0 upgraded, 0 newly installed, 0 to remove and 392 not upgraded.
And here's how my nginx configuration looks like:
server {
server_name x.com;
return 301 $scheme://x.com$request_uri;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/x.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/x.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = x.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name x.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name x.com;
# include snippets/x-signed.conf;
# include snippets/ssl-params.conf;
ssl_certificate /etc/letsencrypt/live/x.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/x.com/privkey.pem; # managed by Certbot
charset utf-8;
access_log /var/log/nginx/x.access.log;
error_log /var/log/nginx/x.error.log info;
# sit2605
client_max_body_size 1600M;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www$fastcgi_script_name;
include fastcgi_params;
# Increasing timeout
fastcgi_read_timeout 600;
}
location / {
root /var/www/uploads;
try_files $uri @wsgiapp;
}
location @wsgiapp {
uwsgi_read_timeout 10800;
uwsgi_pass unix:///var/lib/uwsgisock/x.sock;
include /etc/nginx/uwsgi_params;
}
location /geoserver/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://x.x.x.x:8080/geoserver/;
}
}
server {
if ($host = x.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name x.com;
listen 80;
return 404; # managed by Certbot
}
Any idea on how to fix it?
from SSL ("bad handshake: Error([('SSL routines', 'ssl3_get_server_certificate', 'certificate verify failed')],)",)
No comments:
Post a Comment