[Solved] SSL cert renewal issue

[opalepatrick]

I seem to have a weird issue since I messed around after having issues with a letsencrypt renewal yesterday on one of my installs. I can log in to admin, but I cannot see the pages tree or search for pages, I can see the templates but not click to relevant pages. Obviously caused something. I have uncommented the https section in .htaccess as well. If anyone has any ideas that would be great.

[rick]

I renewed a cert for one of my domains yesterday using the basic syntax: ./letsencrypt-auto -d mydomain.com. Everything is functioning correctly on my LAMP server.

Can you provide details, such as error log entries, etc. so we can take a look?

[opalepatrick]

Thanks for responding Rick. There are no errors either in errors.txt or in the error logs for the server. The cert was installed using the Plesk plugin but it is working fine. The issue I had was to do with a challenge problem on renew with .well-known directory. Sussed that out (one of the settings was missing a trailing slash on the hostname) but have this problem. If it was out and out permissions, I would expect to be blocked out of the site or admin. I did roll back that change to verify and it is still an issue. I have also checked it in another browser to make sure it is not cache. It was working fine with the cert previous to this.

It does feel database related, but things like templates are listed (but no details when clicked), fields are the same. Users are not listed, but roles are with details. I checked the db and the info is there.

[rick]

Hi opalepatrick,

I don't run plesk myself, so I can't provide any experience-based solutions for you. However, plesk has been discussed at length in the forum, so maybe there is a solution available there. In the meantime, if you can provide the following, it may help the members with plesk experience to better assist you.

What OS are you running?
Local or remote host?
What letsencrypt plesk extension version?
Was the extension installed by your hosting provider?
Are dir/file permissions set correctly for PW?

Sorry I can't help out with this. Someone who can will be along shortly.

 

[opalepatrick]

Thanks Rick.

Centos 6 (but I have about 7 other pw sites on the same server working fine)

Remote

Version 2.01 release 24

Extension installed by me on my server. Permissions are out of the box - although going to just re-check that.

The sole difference between this and the others is that cert I believe.

*** I may have caused this myself by setting up a CSP (Content Security Policy) and not dealing with the PW install.

Edited April 4, 2017 by opalepatrick
Last line discovery re CSP

[opalepatrick]

Yes. It was CSP. Thanks Rick. I would like to implement CSP as policy. I saw the other thread from about a year ago but nothing since? It does seem a good way to prevent things like cross site scripting etc, and basically a lot more secure. Although I know it was a pain to implement. Now my score at the observatory has gone from an A+ to a D   Will open another thread.

[matjazp]

Are you talking about the score on frontened or backend (admin)?  As far as I know, you can't get A score since you need script-src 'unsafe-inline' and possibly 'unsafe_eval'. So, how you got A+?

[opalepatrick]

Well that was the problem matjazp - I had implemented the policy without paying attention to the back end and of course I only got the score on the front end and messed up the back end.

[opalepatrick]

Well that was the problem matjazp - I had implemented the policy without paying attention to the back end and of course I only got the score on the front end and messed up the back end.

Also, how does one edit the title to add [Solved] ?