This is a weird issue that I have not seen happen on any other Reclaim Cloud environment, but I wanted to quickly document it before I forget what I did or, given long enough, that it ever happened at all. As a result it will probably be useful to me alone, but so it goes.
This is the ridiculously overdue to-do list item that sat for almost 9 months in Asana:
- Figure out SSL issue on bavatuesdays and fix main URL getting over-written
The issue was that every time my Let’s Encrypt SSL certificate for bavatuesdays would update my site URL would get overwritten throughout the database. So bavatuesdays.com would become bavablog.uk.reclaim.cloud (the Reclaim Cloud environment URL that I map to bavatuesdays.com). After way too much procrastinating, earlier this week I set aside some time to actually try and fix it. I also took impartial notes on what I did, which are copied below:
1) Custom SSL for bavablog.uk.reclaim.cloud not working
2) When I disable Custom SSL on Reclaim Cloud for bavablog.uk.reclaim.cloud the site goes down with cloud flare error
3) SSL through Let’s Encrypt Addon for bavatuesdays.com is working
4) But when I update the SSL certificate through Let’s Encrypt all links in database to bavatuesdays.com are re-written to bavablog.uk.reclaim.cloudPossible Solution:
1) Turned off Let’s Encrypt Addon in Reclaim Cloud
2) Added bavatuesdays.com as a CNAME entry in Custom Domains in Reclaim Cloud (it was previously an A record pointing to the environment IP address)
3) Added bavatuesdays.com as a CNAME entry pointing to bavablog.uk.reclaim.Cloud in Cloudflare
4) Turned off SSL in topolgy of Reclaim Cloud server environmentAs a result, bavatuesdays.com is working and loading over SSL without Let’s Encrypt Addon [this was not actually the case, it was cached, which confused me].
The bavablog.uk.reclaim.cloud domain is not loading over SSL and it would be ideal if re-directed to bavatuesdays.com, but believe this might be a nginx.conf setting. [This is still something I need to do]We will see if the errors from Jelastic about the certificate for
bavablog.uk.reclaim.cloud stop, not sure they will given Custom SSL is still enabled in [they did not] the environment and the certificate is still expired 18/2/2021 [this, I believe, was the larger issue]Redirection plugin allowed me to create redirection of the alias
bavablog.uk.reclaim.cloud -> bavatuesdays.com [this was a false friend, it works once you are on bavatuesdays.com, but does not work coming from bavablog.uk.reclaim.cloud ->bavatuesdays.com]
I wanted to record my check-list as I was troubleshooting because I think I went down a few dead-ends. I needed the Let’s Encrypt Addon in Reclaim Cloud, but it was not updating properly. The Custom SSL area was pointing to bavablog.uk.reclaim.cloud not bavatuesdays.com, and I am not sure how and when that happened. But as a result the Let’s Encrypt Addon certificate was not renewing, and I was getting an error for the bavablog.uk.reclaim.cloud domain even through the bavatuesdays.com domain was loading over SSL. It was all so confusing.
What seemed to work, at least for now, was creating a CNAME for the custom Domain in Reclaim Cloud, and then updating the DNS in Cloud Flare to point to that CNAME. After that I removed the Let’s Encrypt certificate and re-installed it for both bavatuesdays.com and www.bavatuesdays.com, after that the domain that showed up in the Custom SSL area of Reclaim Cloud was bavatuesdays.com not bavablog.uk.reclaim.cloud, and the expiration was June 1, 2021 rather than the outdated February 18th, 2021—which was very good.
Also, as another note, the SSL in the topology of the environment remained off, but I did have a public IPv4 that was enabled that I believe gives me the option for the Let’s Encrypt Addon.
This was a case of trying so many things and not being entirely methodical that results in me having the fix, but not exactly knowing all the moving parts that got me there, hence the post to try and remember at least some of them and what did work in the event this happens again. The biggest pain was the updated SSL certificate overwriting my domain URL, but I can confirm that issue is solved, although I do wonder what combination of original mis-steps I made setting the environment up almost a year ago resulted in this unfortunate issue I have lived with every few months for a year.
My laziness knows no bounds when I realized a quick database find and replace could fix the domain over-writing, but it was still a bit unsettling to live with since last March. What a year, what a year.
