Ghost SSL Fails on CA order process

Developer help
1

If you’re looking for help, please provide information about your environment. If you delete this template and don’t provide any information, your topic will be closed.

If you aren’t running the latest version of Ghost, the first thing we will ask you to do is update to the latest version of Ghost.

  • What’s your URL? This is the easiest way for others to help you
    coaltocloud.info

  • What version of Ghost are you using? If it’s not the latest, please update Ghost first before opening your topic
    ghost -v
    Ghost-CLI version: 1.17.3
    Ghost version: 4.11.0 (at /var/www/coaltocloud)
    And

  • How was Ghost installed and configured?
    manually with ghost CLI

  • What Node version, database, OS & browser are you using?
    mysql

My domain is:
coaltocloud.info

My web server is (include version):
nginx version: nginx/1.14.0 (Ubuntu)
The operating system my web server runs on is (include version):
18.04.5 LTS

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):
No
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):
0.27.0

I ran this command:ghost setup ssl
? Enter your email (For SSL Certificate)

  • sudo /etc/letsencrypt/acme.sh --issue --home /etc/letsencrypt --domain coaltocloud.info --webroot /var/www/coaltocloud/system/nginx-root --reloadcmd “nginx -s reload” --accountemail EMAIL
    ? Sudo Password [hidden]
    ☱ Setting up SSL > Getting SSL Certificate from Let’s Encrypt
    :heavy_multiplication_x: Setting up SSL
    One or more errors occurred.
  1. ProcessError

Message: Command failed: /bin/sh -c sudo -S -p ‘#node-sudo-passwd#’ /etc/letsencrypt/acme.sh --issue --home /etc/letsencrypt --domain coaltocloud.info --webroot /var/www/coaltocloud/system/nginx-root --reloadcmd “nginx -s reload” --accountemail
#node-sudo-passwd#[Sat Aug 14 18:13:12 UTC 2021] coaltocloud.info:Timeout
[Sat Aug 14 18:13:12 UTC 2021] Please add ‘–debug’ or ‘–log’ to check more details.
[Sat Aug 14 18:13:12 UTC 2021] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub

[Sat Aug 14 18:11:56 UTC 2021] Using CA: https://acme.zerossl.com/v2/DV90
[Sat Aug 14 18:11:56 UTC 2021] Single domain=‘coaltocloud.info’
[Sat Aug 14 18:11:56 UTC 2021] Getting domain auth token for each domain
[Sat Aug 14 18:11:58 UTC 2021] Getting webroot for domain=‘coaltocloud.info’
[Sat Aug 14 18:11:58 UTC 2021] Verifying: coaltocloud.info
[Sat Aug 14 18:11:58 UTC 2021] Processing, The CA is processing your order, please just wait. (1/30)

2

I had the same error when trying to set up a Ghost instance on a subdomain. HSTS was configured (which I’d forgotten about) and so the HTTP acme verification failed; I had to run the following to do a DNS verification; afterwards ghost setup ssl worked:

sudo su
/etc/letsencrypt/acme.sh --set-default-ca --server letsencrypt --issue --home /etc/letsencrypt --dns dns_cf --domain ghost.example.com --webroot /var/www/ghost.example.com/system/nginx-root --reloadcmd "nginx -s reload" --accountemail me@ghost.example.com
1 Like