SSL / Certificate

Hello,

I continue to have the following error when attempting to configure the proxy with https:

taiga-docker-taiga-gateway-1  | 2024/01/03 23:33:20 [emerg] 1#1: cannot load certificate "/etc/letsencrypt/archive/myprivatedomain.com/fullchain1.pem": BIO_new_file() failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/letsencrypt/archive/taiga.non-prod.iso.arizona.edu/fullchain1.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

My current taiga.conf variables:

server {
    server_name myprivatedomain.com;
    listen 443 ssl default_server;

    ssl_certificate /etc/letsencrypt/archive/myprivatedomain.com/fullchain1.pem;
    ssl_certificate_key /etc/letsencrypt/archive/myprivatedomain.com/privkey1.pem;

    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
    ssl_prefer_server_ciphers off;
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 5m;

    client_max_body_size 100M;
    charset utf-8;

Along with my docker-compose.yml file variables:

 taiga-gateway:
    image: nginx:1.19-alpine
    ports:
      - "80:80"
      - "443:443"
    volumes:
      - ./etc/letsencrypt/archive/myprivatedomain.com:/etc/letsencrypt
      - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
      - taiga-static-data:/taiga/static
      - taiga-media-data:/taiga/media
    networks:
      - taiga
    depends_on:
      - taiga-front
      - taiga-back
      - taiga-events

I followed the self-setup guide, although I might be overlooking something. Any insight would be appreciated, thank you.

Forgot to mention that the following permissions are configured:

ls -l /etc/letsencrypt/archive/myprivatedomain.com/
total 20
-rw-r--r--. 1 root root 1533 Dec 15 17:40 cert1.pem
-rw-r--r--. 1 root root 3749 Dec 15 17:40 chain1.pem
-rw-------. 1 root root 5282 Dec 15 17:40 fullchain1.pem
-rw-------. 1 root root  241 Dec 15 17:40 privkey1.pem

hi @James

The error says it doesn’t find the file, so there are a couple of things that I believe could be useful to check:

  • path to the certificate as I can see “myprivatedomain.com” and “taiga.non-prod”, just to be sure all are the same in docker and the nginx.conf
  • the volume maps the files where you want to; I believe they are not where they should be, but you can check by running the docker-compose service with a different command so you can inspect the container and the files

That said, I’d like to point out that you’re not using the recommended way of installing Taiga (just in case you didn’t notice) and these issues are more Docker related than Taiga related, so you’ll probably find more useful information in the Docker documentation. Nonetheless, we can try to help as best as we can.

Cheers!
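
The volume check suggested in the reply can also be done without starting the container. The script below is an added example, not part of the thread or of Taiga's tooling: it resolves the path nginx opens through a compose-style bind mount to the host file that would back it. The helper names `host_path_for` and `check_cert` are hypothetical, and the directory tree is a constructed stand-in for the layout shown in the post.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): resolve a container path through
# compose-style bind mounts to the host file that would back it.

# host_path_for CONTAINER_PATH MOUNT...   (MOUNT = "host_dir:container_dir[:opts]")
# Prints the backing host path; returns 1 if no mount covers the path.
host_path_for() {
    local want=$1 best_host="" best_ctr="" found=0 m host ctr
    shift
    for m in "$@"; do
        host=${m%%:*}
        ctr=${m#*:}; ctr=${ctr%%:*}; ctr=${ctr%/}   # drop ":ro" and trailing "/"
        case "$want" in
            "$ctr"|"$ctr"/*)
                # the longest container prefix wins: nested mounts shadow outer ones
                if [ "$found" -eq 0 ] || [ ${#ctr} -gt ${#best_ctr} ]; then
                    best_host=${host%/}; best_ctr=$ctr; found=1
                fi ;;
        esac
    done
    [ "$found" -eq 1 ] || return 1
    printf '%s%s\n' "$best_host" "${want#"$best_ctr"}"
}

# check_cert CONTAINER_PATH MOUNT...
# Returns 0 if the backing host file exists, 1 if missing, 2 if unmapped.
check_cert() {
    local p
    p=$(host_path_for "$@") || { echo "UNMAPPED: $1"; return 2; }
    [ -f "$p" ] && { echo "OK: $1 <- $p"; return 0; }
    echo "MISSING: $1 would be read from $p"; return 1
}

# Constructed sample tree mirroring the layout in the post (empty stand-in file).
demo_root=$(mktemp -d)
demo_dir=$demo_root/etc/letsencrypt/archive/myprivatedomain.com
mkdir -p "$demo_dir" && : > "$demo_dir/fullchain1.pem"

# Mount as written in the compose file: the domain directory itself becomes /etc/letsencrypt.
check_cert /etc/letsencrypt/archive/myprivatedomain.com/fullchain1.pem \
    "$demo_dir:/etc/letsencrypt" || true
# Mounting the letsencrypt root instead keeps the archive/<domain>/ layout nginx expects.
check_cert /etc/letsencrypt/archive/myprivatedomain.com/fullchain1.pem \
    "$demo_root/etc/letsencrypt:/etc/letsencrypt" || true
```

The first call reports MISSING because the mount puts `fullchain1.pem` directly under `/etc/letsencrypt` in the container, while the `ssl_certificate` path still includes `archive/myprivatedomain.com/`.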