Certificate issue after update to 1.8.1

#1
Hi,

i have update ols from 1.7.18 to 1.8.1 with this cmd:

/usr/local/lsws/admin/misc/lsup.sh -v 1.8.1

after update, ssl certificate become self signed

View attachment 1439

i have a SEC_ERROR_UNKNOWN_ISSUER error (SSL) on 7080 and 8090 too.

i try to fix then from cyberpanel but i'have always this self signed certificat.

can you please help me.

thanks
 

Attachments

#2
i solve my issue,

the problem was with permission, after update to 1.8.1, fullchain.pem file have not the good permission.

i delete privkey.pem and fullchain.pem, then a regenerate ssl from cyberpanel.

hope it can help someone.
 

Cold-Egg

Administrator
#3
The upgrade should change the OLS binary only, not the certificate included. Is the issue reproducible if you downgrade to the previous version and upgrade to v1.8.1 again?
 
#4
i solve my issue,

the problem was with permission, after update to 1.8.1, fullchain.pem file have not the good permission.

i delete privkey.pem and fullchain.pem, then a regenerate ssl from cyberpanel.

hope it can help someone.
I have 3 websites hosted using cyberpanel + openlitespeed, after upgrading to 1.8.1 one of my websites had SSL issues too(the other 2 websites had no problem). Thank you for this, it solved the issue!
 

krlabs

New Member
#5
i solve my issue,

the problem was with permission, after update to 1.8.1, fullchain.pem file have not the good permission.

i delete privkey.pem and fullchain.pem, then a regenerate ssl from cyberpanel.

hope it can help someone.
On November 4, we updated in the same way, got the same problem, and solved it in the same way (instead cyberpanel we used certbot). We also had CyberPanel installed. Could you tell me what permissions you set on fullchain.pem and what permissions you had before? This is important so that others can establish the correct rights and this does not happen again.
 

krlabs

New Member
#6
We analyzed the permissions, and they were set as standard - 644 for fullchain.pem. There is another point in this situation - we also updated CyberPanel to the latest version, and it may have had such authority to overwrite the contents of this file.
 
#7
We analyzed the permissions, and they were set as standard - 644 for fullchain.pem. There is another point in this situation - we also updated CyberPanel to the latest version, and it may have had such authority to overwrite the contents of this file.
hi, i didn't change permission, i delete the file and regenerate it from cyberpanel.
 

krlabs

New Member
#8
hi, i didn't change permission, i delete the file and regenerate it from cyberpanel.
You wrote that “the problem was with permission, after update to 1.8.1, fullchain.pem file has not good permission.” So, what were the permissions fullchain.pem before and after that? If you didn't make any changes, then it's 100% that this problem will happen again after the next upgrade.
 
Top