Stuck on setting up SSL and DNS

If you’re looking for some help, it’s important to provide as much context as possible so that people are able to assist you. Try to always mention:

I am trying to work through this error:

1) Setting up SSL

Message: Uh-oh! It looks like your domain isn't set up correctly yet.
Because of this, SSL setup won't work correctly. Once you've set up your domain
and pointed it at this server's IP, try running `ghost setup ssl` again.

Debug Information:
    OS: Ubuntu, v18.04.3 LTS
    Node Version: v10.16.3
    Ghost Version: 3.12.0
    Ghost-CLI Version: 1.13.1
    Environment: production
    Command: 'ghost setup ssl'

Additional log info available in: /home/ghost-mgr/.ghost/logs/ghost-cli-debug-2020-03-24T21_11_50_481Z.log

Try running ghost doctor to check your system for known issues.

You can always refer to https://ghost.org/docs/api/ghost-cli/ for troubleshooting.
ghost-mgr@ghost-s-1vcpu-1gb-sfo2-01:/var/www/ghost$ 

I installed ghost on a Digitalocean droplet with the 1-click installer. Ghost is set up and working when I enter the IP address into my browser — I did that and am logged into the CMS with a new user. However when I got to the URL “learn.nuriabowart.com” it says can’t connect to the server. However I’ve run a DNS checker for my subdomain and it is pointing to the correct IP address: https://dnschecker.org/#A/learn.nuriabowart.com

Do I just have to wait longer for the DNS changes to propagate so I can set up my ssl cert and access the ghost website on my subdomain? Or is there something else I can do to finish my setup?

Update: The the URL is now pointing to the correct IP and SSL setup worked as far as I can tell:

✔ Setting up SSL

However, when I go to the website it still shows the “not secure” text next to the URL in the browser address bar

Do I still just have to wait for the certificate to be read properly?

1 Like

I’m not sure I can be of help but will give it my best! :slight_smile:
Can you share the DNS settings, as well as the NGINX record? It’s hard to tell where the encryption issue is coming from without more information.

the dns setting is just an A record the points learn.nuriabowart.com to the IP address of the Digitalocean droplet.

Not sure what the NGINX record is

When I check on an ssl checker it says it’s all configured properly but I checked on multiple different devices and it still shows “not secure” in the address bar

https://www.sslshopper.com/ssl-checker.html#hostname=learn.nuriabowart.com

When I type in “https://” in front of the URL (as opposed to bare without the https:// or just http://) it shows:

502 Bad Gateway
nginx/1.14.0 (Ubuntu)

Where are you controlling the dns? For example, with Cloudflare there’s an ability to enforce SSL on dns level. That’s why I’m wondering if the issue is possibly on a dns level.

Assuming DNS is not the case, though that shouldn’t be assumed, you’ll want to check the following:

Nginx: /etc/nginx/sites-available

Letsencrypt: /etc/letsencrypt/

I have a feeling it is related to dns. The one click install is relatively simple and shouldn’t require the above troubleshooting.

I’m not sure how to check those things—with terminal? As I said when I entered the domain in an ssl checker it came up All correct (the post Above with that link was flagged for some reason)

I am using iwantmyname as the domain registrar which also manages my DNS

Would this problem be resolved by managing dns with digital ocean? Problem is I am only connectinf the droplet to a subdomain, primary domain points to Webflow

I got it working after setting up NS records for the subdomain to point to digitalocean and then restarting ghost via the cli

1 Like

Nice! Glad everything worked out for you! :slight_smile: