MediaWiki with Parsoid Error 60

Wiki.TerraBase.info
Revision as of 20:42, 18 June 2020 by Root (talk | contribs) (Created page with "...it seems like there's a problem with STUNNEL if a Let's Get Encrypted Certificate is renewed (automatically or manually) without restarting the STUNNEL service. IE, if you...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

...it seems like there's a problem with STUNNEL if a Let's Get Encrypted Certificate is renewed (automatically or manually) without restarting the STUNNEL service.

IE, if you're getting a "Peer certificate cannot be authenticated with given CA certificates", restart the STUNNEL service and then restart the HTTPD Service (or whatever web service you're using). Until that is done, it appears the STUNNEL service "caches" the previous certificate, IE loads it upon start and keeps it, even if the underlying file (certificate) has been changed.

My hint was noticing that when accessing the website using HTTPS, the certificate was different when checking directly against the Parsoid Service (https://WhatEverWebSite:WhatEverPort). It differed by one month, which fits exactly with when Let's Encrypt automatically renews certificates.

Retrieved from "https://wiki.terrabase.info/index.php?title=MediaWiki_with_Parsoid_Error_60&oldid=505"