SSL Issues

SSL Issues #

Let’s Encrypt will email you 19 days before your SSL certificate expires if there’s been an issue with renewal. If you receive such an email, we strongly recommend taking action before your certificate expires.

Inaccessible install due to SSL #

For SSL issues, login as the root user on the SynergyCP master host and run:

/scp/bin/scp-exec php_s php artisan ssl:remove

This will disable SSL on the application, you can then access the application via regular HTTP.

Failed SSL Certificate generation #

If you’re getting errors about failing to generate an SSL certificate, first make sure all 3 domains on the Settings > HTTP tab are pointed to the same IP.

Proxies/CDNs such as Cloudflare could cause issues as well, so try turning any of those off. There is limited support for Cloudflare and requires specific setup instructions; please contact our support team at [email protected] for guidance.

Let’s Encrypt has a rate limit of 5 attempts per week for the same domain name combination. Even if you have only attempted once and got a failure for some reason, the system may automatically retry the validation process. In this case, you could try changing the Admin URL of your application so that the certificate is no longer a duplicate and then re-attempt the process. Make sure to point the Admin domain to the correct IP before updating the value in SynergyCP.

cURL error 28: Operation timed out #

When running the SSL setup or renewal function, the app needs to access Let’s Encrypt’s API endpoints AND the app needs to be able to access itself on its own URLs - note that you’ll want to set http on these URLs if SSL is not set up.

If you’ve implemented any iptables rules on the SynergyCP master, check that these aren’t blocking outbound traffic, or traffic from the Docker containers that make up the app back to the app URLs.