We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Letsencrypt giving 500 internal server error
Letsencrypt giving 500 internal server error
Hello
I have been trying to use letsencrypt on my vps using vestacp. I have read the CLI instructions and added my user and domain and it all seemed to work but when I go to my domain using https it is showing a 500 internal server error but it works ok for the normal http address. I am using centos 6
This is the CLI I am using:-
User = userxyz
Domain = sub.domain.xyz
sub.domain.xyz was added as a addon domain.
Thanks all in advance for your assistance.
I have been trying to use letsencrypt on my vps using vestacp. I have read the CLI instructions and added my user and domain and it all seemed to work but when I go to my domain using https it is showing a 500 internal server error but it works ok for the normal http address. I am using centos 6
This is the CLI I am using:-
User = userxyz
Domain = sub.domain.xyz
sub.domain.xyz was added as a addon domain.
Code: Select all
v-add-letsencrypt-domain userxyz sub.domain.xyz
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Letsencrypt giving 500 internal server error
Does that command complete successfully ?
if so, goto your VestaCP and edit the domain to check if the SSL certificate is installed & enabled correctly
if so, goto your VestaCP and edit the domain to check if the SSL certificate is installed & enabled correctly
Re: Letsencrypt giving 500 internal server error
Thank you for your reply
Everything seems to run ok as no errors are shown when the command is run.
I have logged into my control panel and looked at the domain and everything seems to be ok as there is all SSL keys filled in and selected as they should be.
I still get the 500 internal server error.
Thanks in advance.
Everything seems to run ok as no errors are shown when the command is run.
I have logged into my control panel and looked at the domain and everything seems to be ok as there is all SSL keys filled in and selected as they should be.
I still get the 500 internal server error.
Thanks in advance.
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Letsencrypt giving 500 internal server error
check your domain here
https://www.ssllabs.com/ssltest/
https://www.ssllabs.com/ssltest/
Re: Letsencrypt giving 500 internal server error
Thank you for your reply
I have ran the domain through the site that you posted and I get a overall rating of B
The detail Info is as follows:-
Protocol Details
DROWN (experimental) No, server keys and hostname not seen elsewhere with SSLv2
(1) For a better understanding of this test, please read this longer explanation
(2) Key usage data kindly provided by the Censys network search engine; original DROWN test here
(3) Censys data is only indicative of possible key and certificate reuse; possibly out-of-date and not complete
Secure Renegotiation Supported
Secure Client-Initiated Renegotiation No
Insecure Client-Initiated Renegotiation No
BEAST attack Not mitigated server-side (more info) TLS 1.0: 0xc014
POODLE (SSLv3) No, SSL 3 not supported (more info)
POODLE (TLS) No (more info)
Downgrade attack prevention Yes, TLS_FALLBACK_SCSV supported (more info)
SSL/TLS compression No
RC4 No
Heartbeat (extension) Yes
Heartbleed (vulnerability) No (more info)
OpenSSL CCS vuln. (CVE-2014-0224) No (more info)
OpenSSL Padding Oracle vuln.
(CVE-2016-2107) No (more info)
Forward Secrecy Weak key exchange WEAK
ALPN No
NPN Yes http/1.1
Session resumption (caching) Yes
Session resumption (tickets) Yes
OCSP stapling No
Strict Transport Security (HSTS) No
HSTS Preloading Not in: Chrome Edge Firefox IE Tor
Public Key Pinning (HPKP) No
Public Key Pinning Report-Only No
Long handshake intolerance No
TLS extension intolerance No
TLS version intolerance No
Incorrect SNI alerts No
Uses common DH primes Yes Replace with custom DH parameters if possible (more info)
DH public server param (Ys) reuse No
SSL 2 handshake compatibility Yes
Protocols
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
Miscellaneous
Test date Wed, 19 Oct 2016 10:24:11 UTC
Test duration 88.191 seconds
HTTP status code 502
HTTP server signature nginx
Server hostname -
Thanks in advance
I have ran the domain through the site that you posted and I get a overall rating of B
The detail Info is as follows:-
Protocol Details
DROWN (experimental) No, server keys and hostname not seen elsewhere with SSLv2
(1) For a better understanding of this test, please read this longer explanation
(2) Key usage data kindly provided by the Censys network search engine; original DROWN test here
(3) Censys data is only indicative of possible key and certificate reuse; possibly out-of-date and not complete
Secure Renegotiation Supported
Secure Client-Initiated Renegotiation No
Insecure Client-Initiated Renegotiation No
BEAST attack Not mitigated server-side (more info) TLS 1.0: 0xc014
POODLE (SSLv3) No, SSL 3 not supported (more info)
POODLE (TLS) No (more info)
Downgrade attack prevention Yes, TLS_FALLBACK_SCSV supported (more info)
SSL/TLS compression No
RC4 No
Heartbeat (extension) Yes
Heartbleed (vulnerability) No (more info)
OpenSSL CCS vuln. (CVE-2014-0224) No (more info)
OpenSSL Padding Oracle vuln.
(CVE-2016-2107) No (more info)
Forward Secrecy Weak key exchange WEAK
ALPN No
NPN Yes http/1.1
Session resumption (caching) Yes
Session resumption (tickets) Yes
OCSP stapling No
Strict Transport Security (HSTS) No
HSTS Preloading Not in: Chrome Edge Firefox IE Tor
Public Key Pinning (HPKP) No
Public Key Pinning Report-Only No
Long handshake intolerance No
TLS extension intolerance No
TLS version intolerance No
Incorrect SNI alerts No
Uses common DH primes Yes Replace with custom DH parameters if possible (more info)
DH public server param (Ys) reuse No
SSL 2 handshake compatibility Yes
Protocols
TLS 1.2 Yes
TLS 1.1 Yes
TLS 1.0 Yes
SSL 3 No
SSL 2 No
Miscellaneous
Test date Wed, 19 Oct 2016 10:24:11 UTC
Test duration 88.191 seconds
HTTP status code 502
HTTP server signature nginx
Server hostname -
Thanks in advance
Re: Letsencrypt giving 500 internal server error
Ok..................
An update :)
I have managed to get the https working for my domain. A port was blocked and was making things go all strange. I unblocked the port and all is well.
A final question:-
Are all of the certificates created with cli automatically updated after the 90 days?
Thanks :)
An update :)
I have managed to get the https working for my domain. A port was blocked and was making things go all strange. I unblocked the port and all is well.
A final question:-
Are all of the certificates created with cli automatically updated after the 90 days?
Thanks :)
-
- Support team
- Posts: 1096
- Joined: Sat Sep 06, 2014 9:58 pm
- Contact:
- Os: Debian 8x
- Web: apache + nginx
Re: Letsencrypt giving 500 internal server error
No you have to renew them manually!
to update them automatically, you can setup a cron job of the command
to update them automatically, you can setup a cron job of the command