SSL Invalid Response with Setup

I’ve seen a few posts on this, but none of them seem to fix this issue that i’m having running ghost setup ssl. I suspect this is because I tried to setup ssl during initial ghost install, however my domain was still propogating so it didn’t install properly, so now when I try to run it, I get Invalid response from

Perhaps there is/needs to be a way to do ghost delete ssl and start over? Or is there another approach besides trying to upgrade letsencrypt/ That didn’t work for me.

$ ghost setup ssl
? Enter your email (For SSL Certificate)
+ sudo /etc/letsencrypt/ --issue --home /etc/letsencrypt --domain --        
webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail
✖ Setting up SSL
One or more errors occurred.

1) ProcessError

Message: Command failed: /bin/sh -c sudo -S -p '#node-sudo-passwd#'  /etc/letsencrypt/ --issue --home /etc/letsencrypt --domain --webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail
[Thu Apr 16 18:26:25 UTC 2020] error:Invalid response from []:
[Thu Apr 16 18:26:25 UTC 2020] Please add '--debug' or '--log' to check more details.
[Thu Apr 16 18:26:25 UTC 2020] See:

If ssl isn’t set up, there’s nothing to delete. Based on the output from the logs, it looks like your domain still isn’t set up

Ok. I was confused as to why there’s a /etc/letsencrypt/ directory. But if it’s not setup at all, then what could be the source of the error? I haven’t done anything strange. I followed the Ubuntu install docs.

Should there be a directory under /var/www/ghost like .well-known/acme-challenge/? Or how does that get resolved? When I put the full path into a browser I get a 404. internally handles all of this. Ghost provides the webroot (it’s in system/files iirc) to the script and the script handles creating and removing any files. The script is installed in /etc/letsencrypt

Thanks, @vikaspotluri123 I appreciate your help.

Something must serve up the file The only reference I can find anywhere to “well-known” is in system/files/mydomain.conf

location ~ /.well-known {
   allow all;

Ghost doesn’t create system/files/.well-known even on a fresh ghost install following the Ubuntu instructions.

So either ghost or is responsible for creating this, but I don’t know which and I don’t know how to resolve it. I can’t find any references to it in the github code.

Any ideas?

That’s correct, does. You can try running the command manually

/bin/sh -c sudo -S /etc/letsencrypt/ --issue --home /etc/letsencrypt --domain --webroot /var/www/ghost/system/nginx-root --reloadcmd "nginx -s reload" --accountemail

Yes @vikaspotluri123, this is precisly the command that does not work because it is looking for:

Verify error:Invalid response from

Which if you put it in a browser gives a 404 creates this file when LE asks for it, and regardless of the result deletes it

@vikaspotluri123 Turns out it was an issue with ghost.

In ghost/system/files/ I noticed this peculiar line:

server {
    listen 80;
    listen [::]:80;

    root /var/www/ghost #system/nginx-root; # Used for SSL verification (

So I uncommented it and turned it into:

server {
    listen 80;
    listen [::]:80;

    root /var/www/ghost/system/nginx-root; # Used for SSL verification (

And it worked!

I believe either the script should change to automatically do this OR it should be written in the documentation. If it is, I can’t seem to find it.

That’s really weird! You can see the template that the CLI uses to generate config files here:

Moreover, nginx should have complained about the config file since root /var/www/ghost #... isn’t valid syntax :confused:

Whatever the case, I’m glad you got it working :tada:

Is not the command

ghost setup nginx ssl

Next time I’ll try that. The docs I was following had ghost setup ssl. But I got it working anyway.