MediaWiki with Parsoid Error 60

Wiki.TerraBase.info
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

...it seems like there's a problem with STUNNEL if a Let's Get Encrypted Certificate is renewed (automatically or manually) without restarting the STUNNEL service.

IE, if you're getting a "Peer certificate cannot be authenticated with given CA certificates", restart the STUNNEL service and then restart the HTTPD Service (or whatever web service you're using). Until that is done, it appears the STUNNEL service "caches" the previous certificate, IE loads it upon start and keeps it, even if the underlying file (certificate) has been changed.

My hint was noticing that when accessing the website using HTTPS, the certificate was different when checking directly against the Parsoid Service (https://WhatEverWebSite:WhatEverPort). It differed by one month, which fits exactly with when Let's Encrypt automatically renews certificates.

Retrieved from "https://wiki.terrabase.info/index.php?title=MediaWiki_with_Parsoid_Error_60&oldid=505"