I’d like to deploy a custom instance of open remote at our server, using a custom domain and using already existing certificates. As mentioned here I prepared and copied my certificate into var/lib/docker/volumes/openremote_proxy-data/_data/certs/ (is that correct?)
Also I included the certificates into openremote/deployment/certs/
However if I than try to start openremote, I get the following errors:
openremote_proxy_1 exited with code 1
proxy_1 | [INFO][2023-01-23 11:55:19] PROXY_LOGLEVEL: info
proxy_1 | [INFO][2023-01-23 11:55:19] LUA_PATH:
proxy_1 | [INFO][2023-01-23 11:55:19] CERT_DIR: /deployment/certs
proxy_1 | [INFO][2023-01-23 11:55:19] LE_DIR: /deployment/letsencrypt
proxy_1 | [INFO][2023-01-23 11:55:19] Checking HAProxy configuration: /etc/haproxy/haproxy.cfg
proxy_1 | [NOTICE] (18) : haproxy version is 2.7.0-437fd28
proxy_1 | [ALERT] (18) : config : parsing [/etc/haproxy/haproxy.cfg:67] : 'bind *:443' in section 'frontend' : unable to stat SSL certificate from file '/etc/haproxy/certs/00-cert' : No such file or directory.
proxy_1 | [ALERT] (18) : config : parsing [/etc/haproxy/haproxy.cfg:81] : 'bind *:8883' in section 'listen' : unable to stat SSL certificate from file '/etc/haproxy/certs/00-cert' : No such file or directory.
proxy_1 | [ALERT] (18) : config : Error(s) found in configuration file : /etc/haproxy/haproxy.cfg
proxy_1 | [ALERT] (18) : config : Fatal errors found in configuration.
proxy_1 | [ERROR][2023-01-23 11:55:19] Cannot start proxy until config file errors are resolved in '/etc/haproxy/haproxy.cfg'
openremote_proxy_1 exited with code 1
It seems that I need need to do some changes in haproxy.cfg, but I am not really able to find it neither I know what exactly to do. And do I need to remove all the stuff from letsencrypt?
Hi @apurba ,
I have the same issue here also while importing the customized certificate in the /deployment/certs/${Domain_IP}/mycertificate.pem and also I have added the mentioned above line in the compose file , however we are not able to use our certificate. (please see attached image)
also please find the logs from proxy while starting the container:
[INFO][2023-01-24 10:53:04] Executing cert_init at Tue, 24 Jan 2023 10:53:04 +0000
[INFO][2023-01-24 10:53:04] Initialising certificate for ‘192.168.112.132’…
[INFO][2023-01-24 10:53:04] Domain is an IP address or simple hostname so ignoring cert request ‘192.168.112.132’
[INFO][2023-01-24 10:53:04] Symlinking first domain to built in cert directory to take precedence over self signed cert
[INFO][2023-01-24 10:53:04] Removing obsolete haproxy certificate chain for ‘certificate.pem’
[INFO][2023-01-24 10:53:04] Executing auto renew at Tue, 24 Jan 2023 10:53:04 +0000
Saving debug log to /var/log/letsencrypt/letsencrypt.log