We Keep Coding

SSL Not working with apache and cloudflare

I have Create SSL certificate using "Let's Encrypt" in Ubantu 18.10 .i follow below documentation to create SSL certificate.
https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates/
I have check SSL certificate was successfully created I have used below command to test it.
openssl verify chain.pem
openssl verify -CAfile chain.pem cert.pem
But Site not working getting 525 error.In cloudflare ""Universal SSL is Active "
Anyone please suggest possible solution to fix this Issue?
Thanks

I found solution. there is issue with apache config file.I have change port "443"
in apache config file and its working fine.
Thanks

ArangoDB working together with letsenrcypt certificates

Is there anyoune out there who got a running arangoDB database working with a letsencrypt certificate? I just can't find out to geht this running.
ArangoDB is running on a digitalOcean droplet and I could get it running togehter with a self-signed certificate following this tutorial. So arangoDB is sucessfully running on port: 8530
Now my approach was replacing the self-signed certificate with a letsencrypt cert.
So I added a subdomain in DigitalOcean to the droplet. e.g.: db.example.com an then generated the cert-files:
sudo -H ./letsencrypt-auto certonly --standalone -d db.example.com
You will end up with 4 files: cert.pem chain.pem fullchain.pem privkey.pem
As I understood, these files are:
Private Key --------> privkey.pem
Public Key ---------> cert.pem
Certificate Chain --> chain.pem
As described in the tutorial I mentioned, you nee the certificate and the key in one file. So i did
cat chain.pem privkey.pem | sudo tee server.pem
to have a file containing the certificate and the private key.
Then I modified the file /etc/arangodb3/arangod.conf to let arango know where the keyfile is and modified the ssl section:
[ssl]
keyfile = /etc/letsencrypt/live/db.example.com/server.pem
But after restarting arango, the server is not available. When trying to connect the browser to: https://db.example.com:8530. Firewall settings for the droplet should all be ok, because I could access this address with the self-signed cetificate before.
I then tried to modify the endpoint in /etc/arangodb3/arangod.conf from
endpoint = ssl://0.0.0.0:8530
to
endpoint = ssl://db.example.com:8530
and also
tcp://db.example.com:8530
None of it was working. Has somebody out there an idea what I am doing wrong?

Please use the ip of the interface you want to use when specifying the endpoint e.g. endpoint = ssl://42.23.13.37:8530 (ip address should list your interfaces along with addresses in use). Then it could help to use the fullchain.pem to create the server.prm (cat fullchain.pem privkey.pem > server.pem). Make sure the resulting server.pem is accessible and readable by the arangodb user. If the server is still not starting correctly please provide logs of the server. To access the logs use systemctl -fu arangodb3.service or follow the logs with tail -f <logfile> if you use some custom location for logging.
I have just tested a setup with letsencrypt certificates and it was working after ensuring all above points.

How do I add the SSL certificate I bought on dnsimple for a subdomain when I already have an SSL certificate for the root domain?

In Heroku Settings, the SSL is showing for www.example.com but there is no where for me to add an SSL certificate for subdomain.example.com.
In DNSimple instructions it says to install the certificate at the command prompt:
$ heroku certs:add subdomain_example_com.pem subdomain_example_com.key
This results in:
Resolving trust chain... done
▸ Potentially Destructive Action
▸ This command will change the certificate of endpoint *********-17151 from ⬢ afternoon-********-5203.
$ heroku certs
***********-17151 www.example.com, example.com 2018-01-29
How do I install this SSL certificate for the subdomai without messing with the existing SSL certificate for www.example.com?

You can only have one SSL certificate on Heroku, so if you want more subdomains than www, you need a wildcard SSL certificate.

Heroku SSL - No certificate given is a domain name certificate

I am already 3 hours fighting with setting SSL certificate for a Heroku app. I am following this tutorial, but when I run
heroku certs:add server.crt bundle.pem server.key --app my-app-name
I always get this error:
Resolving trust chain... failed
! No certificate given is a domain name certificate.
I have bought the SSL certificate at DNSimple. What's is still wrong, why am I missing. It makes me despair, even Google didn't help...
All help will be appreciated.

In my case the ZIP file I downloaded from my SSL provider contained 2 .crt files and I picked the wrong one when running the certs:update. Re-running with the other .crt file solved the problem

Seems like your certs and your bundle are not resolving properly, i.e. either the trust chain is broken (not all certs exist in bundle for domain -> intermediate CA -> root CA) or alternatively your cert is not valid for the domain that Heroku is expecting.
Make sure the fully qualified domain name in your cert matches the domain you are using.

Adding self-signed certificate to Heroku app

I am trying to add a self-signed certificate to one of my apps on Heroku. I have followed the guides from the Dev Center.
https://devcenter.heroku.com/articles/ssl and https://devcenter.heroku.com/articles/ssl-certificate-self
After I have generated the self-signed cert I try to add the cert by
heroku certs:add server.crt server.key
And get the error message:
Resolving trust chain... failed
! No certificate given is a domain name certificate.
I am not sure what that means or how to fix the problem.

You have to set the CN to the domain you're issuing the certificate for.