Certbot Issues/SSL

2 PART QUESTION:
I have a pre-existing SSL cert on my site, so when it came time to launch I had selected to skip certbot, and, not paying full attention to the web build, it built it to a “HTTP”… So I turned off the SSL on my site to have certbot issue an SSL, and the following is the error.
CMD: hollaex toolbox --issue_ssl

“No such container: certbot
Failed to issue SSL certificate by using Certbot. Please confirm your settings and try again”
How can I fix this? I did go back to hollaex server --setup, and went down each all the way to hollaex prod, and still get this error, I even changed the instance of the exchange name to try to offset and rewrite. So how can I fix this?

@2nd Question
It seems to me to be far easier getting in a config file that writes to http and just change it to https, can I do that? If so, where would I find said file, this way I can just keep my original SSL cert? Thanks in advance!

2 Likes

^ Seriously this makes the most sense ^ All Money Transmitting Sites have to be SSL, so why wouldn’t you just create the software to engage the call for SSL in the config file, or build, and let the EU register their own SSL? Something to ponder, Hollaex Team!

1 Like

Do you mean some sort of inbuilt SSL?

There have been errors thrown on Elastic IPs along with Load Balancing on AWS if you already have an SSL… Initially the build in Hollaex Prod asks if one wants an SSL, if select assuming the api will config itself off a http:, but it doesn’t or didn’t, so one has to go back into the Hollaex Prod and select Yes for SSL, however this throws off any “current” SSL Cert from 3rd party… So the contention is instead of Hollaex Prod, just give the Devs a config to write in dependencies and not have a back end web build the SSL… just write it in a config file. I know there is a config “settings” but I played around with altering just that and doing a web build after and no luck. It would be much easier to handle the dependencies there.

1 Like

Any luck on this issue to date? We are running into the same issue.

If this doesn’t work let me know, I may have another end around…but try these first, presuming you are using Ubuntu 20

sudo apt-get update

sudo apt-get install nginx

sudo systemctl start nginx

sudo systemctl reload nginx

Let me know, hope it helps. Sorry for the delayed response, I was sort of laid up and out of commission.

We had this issue with a wildcard cert, the docker installs are not great.

CentOS7
#vi /root/hollaex-kit/templates/local/nginx/nginx.conf
#listen 80;
listen 443 http2 ssl;
server_name YOURDOMAIN.COM;
access_log /var/log/nginx/hollaex.access.log main;
include /etc/nginx/conf.d/plugin*.conf;
ssl_certificate /etc/ssl/certs/YOURBUNDLE.pem;
ssl_certificate_key /etc/nginx/ssl/YOURCERTKEY.key;

Find the container id for local_orderpool-nginx_1 and access
#docker container ls
Or /bin/bash
#docker exec -it <CONTAINER_ID> /bin/sh

In the docker container
#mkdir /etc/nginx/ssl/
#vi /etc/nginx/ssl/YOURCERTKEY.key
Paste your keyout from the openssl creation
#vi /etc/ssl/certs/YOURBUNDLE.pem
Paste your certificate bundle

Exit the container and set up hollaex
#exit
#vi settings/configmap
HOLLAEX_CONFIGMAP_DOMAIN=https://YOURDOMAIN.COM
HOLLAEX_CONFIGMAP_API_HOST=https://YOURDOMAIN.COM/api

Restart the servers
#hollaex server --restart
#hollaex web --build
#hollaex web --restart

Is it correct? Probably not, but it works until we find a better way. If you have problems, go back to nginx.conf listen 80 with configmap to http and start again; we had to do a server reboot between.

The simplest is to use the certbot and reissue every 90 days, or a load balancer. The only problem is with an LB it acts as the SSL termination so you have unencrypted traffic between the LB and the Hollaex server. You cannot use root haproxy or nginx on the Hollaex server; a docker instance binds to 443. To encrypt the traffic you would want a wireguard link between them, which is not simple but necessary because this is fintech with active wallets. You can update the docker images but it is guaranteed something will go wrong. Flaw in the implementation, don’t you just love consulting!

1 Like
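
A pre-restart consistency check for the manual steps in the post above, as an added example that is not part of the thread or of HollaEx itself: it confirms that the nginx template has an active TLS listener with both certificate directives set, and that both configmap URLs are https:// and name the same host as server_name. The function names are hypothetical, and the sample files are constructed from the placeholders used in the post.

```sh
#!/bin/sh
# Added example (not HollaEx code): verify that the nginx template and the
# configmap agree on TLS before restarting. File paths are passed as arguments.

# First argument of an active (uncommented) nginx directive.
nginx_value() {  # $1=file $2=directive
    sed -n "s/^[[:space:]]*$2[[:space:]][[:space:]]*\([^;[:space:]]*\).*/\1/p" "$1" | head -n 1
}

# Lower-cased host part of a KEY=scheme://host/path line in the configmap.
map_host() {  # $1=file $2=key
    sed -n "s/^$2=//p" "$1" | head -n 1 |
        sed 's|^[a-z]*://||; s|/.*$||' | tr '[:upper:]' '[:lower:]'
}

# Prints one line per problem; returns 0 only when everything is consistent.
check_tls_config() {  # $1=nginx.conf $2=configmap
    rc=0
    name=$(nginx_value "$1" server_name | tr '[:upper:]' '[:lower:]')
    grep -Eq '^[[:space:]]*listen[[:space:]]+[^;#]*[[:space:]]ssl[[:space:];]' "$1" ||
        { echo "nginx: no active 'listen ... ssl' directive"; rc=1; }
    for d in ssl_certificate ssl_certificate_key; do
        [ -n "$(nginx_value "$1" "$d")" ] || { echo "nginx: $d is not set"; rc=1; }
    done
    for k in HOLLAEX_CONFIGMAP_DOMAIN HOLLAEX_CONFIGMAP_API_HOST; do
        grep -q "^$k=https://" "$2" ||
            { echo "configmap: $k is not an https:// URL"; rc=1; }
        [ "$(map_host "$2" "$k")" = "$name" ] ||
            { echo "configmap: $k host does not match server_name '$name'"; rc=1; }
    done
    return $rc
}

# Constructed sample input mirroring the settings in the post above.
demo_dir=$(mktemp -d)
cat > "$demo_dir/nginx.conf" <<'EOF'
    #listen 80;
    listen 443 http2 ssl;
    server_name YOURDOMAIN.COM;
    ssl_certificate /etc/ssl/certs/YOURBUNDLE.pem;
    ssl_certificate_key /etc/nginx/ssl/YOURCERTKEY.key;
EOF
cat > "$demo_dir/configmap" <<'EOF'
HOLLAEX_CONFIGMAP_DOMAIN=https://YOURDOMAIN.COM
HOLLAEX_CONFIGMAP_API_HOST=https://YOURDOMAIN.COM/api
EOF
check_tls_config "$demo_dir/nginx.conf" "$demo_dir/configmap" && echo "TLS settings are consistent"
```

The check only reads the two files; it does not verify that the certificate and key inside the container are valid or that they belong together.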