SSL Issue on bavatuesdays through Reclaim Cloud

This is a weird issue that I have not seen happen on any other Reclaim Cloud environment, but I wanted to quickly document it before I forget what I did or, given long enough, that it ever happened at all. As a result it will probably be useful to me alone, but so it goes.

This is the ridiculously overdue to-do list item that sat for almost 9 months in Asana:

  • Figure out SSL issue on bavatuesdays and fix main URL getting over-written

The issue was that every time my Let’s Encrypt SSL certificate for bavatuesdays would update my site URL would get overwritten throughout the database. So would become (the Reclaim Cloud environment URL that I map to After way too much procrastinating, earlier this week I set aside some time to actually try and fix it.  I also took impartial notes on what I did, which are copied below:

1) Custom SSL for not working
2) When I disable Custom SSL on Reclaim Cloud for the site goes down with cloud flare error
3) SSL through Let’s Encrypt Addon for is working
4) But when I update the SSL certificate through Let’s Encrypt all links in database to are re-written to

Possible Solution:
1) Turned off Let’s Encrypt Addon in Reclaim Cloud
2) Added as a CNAME entry in Custom Domains in Reclaim Cloud (it was previously an A record pointing to the environment IP address)
3) Added as a CNAME entry pointing to in Cloudflare
4) Turned off SSL in topolgy of Reclaim Cloud server environment

As a result, is working and loading over SSL without Let’s Encrypt Addon [this was not actually the case, it was cached, which confused me].
The domain is not loading over SSL and it would be ideal if re-directed to, but believe this might be a nginx.conf setting. [This is still something  I need to do]

We will see if the errors from Jelastic about the certificate for stop, not sure they will given Custom SSL is still enabled in [they did not] the environment and the certificate is still expired 18/2/2021 [this, I believe, was the larger issue]

Redirection plugin allowed me to create redirection of the alias -> [this was a false friend, it works once you are on, but does not work coming from ->]

I wanted to record my check-list as I was troubleshooting because I think I went down a few dead-ends. I needed the Let’s Encrypt Addon in Reclaim Cloud, but it was not updating properly. The Custom SSL area was pointing to not, and I am not sure how and when that happened. But as a result the Let’s Encrypt Addon certificate was not renewing, and I was getting an error for the domain even through the domain was loading over SSL. It was all so confusing.

What seemed to work, at least for now, was creating a CNAME for the custom Domain in Reclaim Cloud, and then updating the DNS in Cloud Flare to point to that CNAME. After that I removed the Let’s Encrypt certificate and re-installed it for both and, after that the domain that showed up in the Custom SSL area of Reclaim Cloud was not, and the expiration was June 1, 2021 rather than the outdated February 18th, 2021—which was very good.

Also, as another note, the SSL in the topology of the environment remained off, but I did have a public IPv4 that was enabled that I believe gives me the option for the Let’s Encrypt Addon.

This was a case of trying so many things and not being entirely methodical that results in me having the fix, but not exactly knowing all the moving parts that got me there, hence the post to try and remember at least some of them and what did work in the event this happens again. The biggest pain was the updated SSL certificate overwriting my domain URL, but I can confirm that issue is solved, although I do wonder what combination of original mis-steps I made setting the environment up almost a year ago resulted in this unfortunate issue I have lived with every few months for a year.

My laziness knows no bounds when I realized a quick database find and replace could fix the domain over-writing, but it was still a bit unsettling to live with since last March. What a year, what a year.

This entry was posted in bavatuesdays, Reclaim Cloud and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.