Enketo certificate issue on Central 0.9

Hi All

We've just updated our Central server from 0.8 to 0.9 to take advantage of some of the new Enketo integration. The upgrade itself has been successful, however when going to preview a form, Enketo throws up a Loading Error: "unable to verify the first certificate".

We host ODK Central ourselves in-house on Ubuntu 18.04, and use a custom SSL certificate.
Aside from the certificate files and specifying an internal SMTP server, there is no other change to the default configuration.

In the .env file, we had SSL_TYPE=customssl and DOMAIN=local
After getting the error, I've changed DOMAIN=<our domain>
I've since wiped, rebuilt and brought up the nginx container...

`~/central$ docker-compose up -d nginx`
`Starting secrets ...`
`Recreating mail  ...`
`central_postgres_1 is up-to-date`
`enketo_redis_cache is up-to-date`
`Starting secrets ... done`
`Recreating mail   ... done`
`Recreating enketo ... done`
`Recreating service ... done`
`Creating nginx     ... done`

but this hasn't had any effect on the problem.

Any suggestions welcome

Matthew

1 Like

@MatthewMac do you have a firewall running by any chance? Please take a read through the upgrade notes for v0.9 and see whether that could possibly apply to you.

That's the only thing I can really think of right now. It'd be helpful to hear from others whether they were able to successfully update to 0.9 with custom SSL.

Hi Hélène

No firewall running. ufw is disabled.
I went and built a whole fresh server (straight to 0.9 - no upgrade), again with our custom SSL. Same issue.
Happy to test anything else.

Matthew

1 Like

@MatthewMac we're doing a big push to get v1.0 out with Enketo submissions. I don't have any more ideas at the moment. I think you're probably most interested in the submission functionality (is that right?) so I propose that we do more troubleshooting once v1.0 is in quality assurance and Team Central has a little more time.

1 Like

@LN No problem at all. Very happy to wait (and not hold up development) for v1.0

If I find anything meanwhile, I'll certainly let you know.

1 Like

A post was split to a new topic: Central/Enketo integration with self-signed cert

Agree the submission functionality is key at LSHTM so hopefully we can get 1.0 soon and then resolve this.

1 Like

In your setup, have you been able to work with ODK Collect?