SSL Certificate Issue - yunohost.org instead of my domain for admin panel

What type of hardware are you using: VPS bought online
What YunoHost version are you running: 2.1.35 (stable)
How are you able to access your server: SSH
Are you in a special context or did you perform specific tweaking on your YunoHost instance ?: SSL Certificate Issue - yunohost(dot)org instead of my domain for admin panel

Describe your issue

Hello,

I’m experiencing an SSL certificate issue with my YunoHost instance, specifically affecting the admin panel.

What I’m trying to achieve:
Have a valid Let’s Encrypt SSL certificate for my main domain mydomain(dot)tld

Ensure the browser displays a valid, secure certificate for my domain, especially for the admin panel

All services should use my domain’s certificate, not the default yunohost(dot)org one

Current situation:
Let’s Encrypt certificates are properly generated for mydomain(dot)tld (confirmed by yunohost domain cert status mydomain(dot)tld)

But the browser keeps showing the default yunohost(dot)org certificate instead of mydomain(dot)tld

HTTPS connections work, but with the wrong certificate

This affects the main domain and particularly the admin panel

What I’ve already tried:
sudo yunohost domain cert-install mydomain(dot)tld --force → certificate regenerated successfully

sudo systemctl restart nginx → restarted without errors

Certificate files verification: they exist in /etc/yunohost/certs/mydomain(dot)tld/

Main Nginx configuration points to the correct certificate

The specific issue:
When I check the admin panel configuration:

bash
sudo grep “ssl_certificate” /etc/nginx/conf.d/yunohost_admin.conf
Result:

text
ssl_certificate /etc/yunohost/certs/yunohost(dot)org/crt(dot)pem;
ssl_certificate_key /etc/yunohost/certs/yunohost(dot)org/key(dot)pem;
Additional context:
Domain list shows mydomain(dot)tld as main domain

I attempted yunohost tools regen-conf yunohost-admin --force but it failed with an error

Manual editing of the file works temporarily but gets overwritten

My questions:
Is it expected that yunohost_admin.conf still uses yunohost(dot)org certificates instead of my domain’s?

If not, what’s the proper way to fix this for the admin panel?

Could this be related to how the main domain is configured system-wide?

Any guidance would be greatly appreciated!

Thank you for your help.

Share relevant logs or error messages

https://paste.yunohost.org/raw/zumequkuxa

The file is called yunohost_admin.conf but really is “the default server/virtualhost to fallback to” when no domain is specified .. or to put it simply, that’s what’s used when the server is accessed using its IP.

If you’re accessing the server using its IP, then there’s basically no certificate that will be properly recognized by the browser, since SSL/TLS certificates are meant for domains. Hence it doesn’t really matter if the default certificate (with a dummy yunohost.org) or your certificate for your main domain is sent, since you’re accessing via the IP, browsers can’t magically trust it …

Yes, there is no “yunohost-admin” category for the regenconf, if you want to regen the nginx conf, use nginx instead

I think I found the issue! I was accessing https://www(dot)kodborg(dot)fr/yunohost/admin but my SSL certificate was only configured for kodborg(dot)fr (without www).

The logs show requests to www(dot)kodborg(dot)fr but the certificate is only valid for kodborg(dot)fr .

Thank you.

is a subdomain, just add it in domains and install a certificate for it

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.