Https certificate error with Aggregate and Digital Ocean

elliott1177 · September 5, 2019, 3:59am

1. What is the problem? Be very detailed.
I created a droplet on Digital Ocean to run ODK Aggregate. I am using this guide: https://docs.opendatakit.org/aggregate-digital-ocean/
The floating ip is working. I got a subdomain name off of Freedns.afraid.org. My problem comes from enabling HTTPS. I followed the instructions exactly and entered:
sudo certbot run --nginx --non-interactive --agree-tos -m YOUR_EMAIL --redirect -d YOUR_DOMAIN.
in the console. I will include a picture of the error message that came up after trying this multiple times.
2. What app or server are you using and on what device and operating system? Include version numbers.
I am using digital ocean with Ubuntu 18.04.3 (LTS) x64. I am using the version of ODK aggregate that is used in the guide.

3. What you have you tried to fix the problem?
I looked at some Digital ocean https guides but I would rather make this method work since it is the recommended version with the guide. I also made sure a few times that the domain name was working.

4. What steps can we take to reproduce the problem?
Just following the guide step by step.
5. Anything else we should know or have? If you have a test form or screenshots or logs, attach below.

yanokwa · September 6, 2019, 12:35am

In Step 8 of the "Create your Droplet" section of https://docs.opendatakit.org/aggregate-digital-ocean you are supposed to enter the domain name (mindotestcollection.chickenkiller.com) in the "Choose a hostname section". Do you remember doing that?

If you run cat /root/aggregate-config.json, your output should be: (click the triangle)

/root/aggregate-config.json

{
  "home": "/root",
  "jdbc": {
    "host": "127.0.0.1",
    "port": 5432,
    "db": "aggregate",
    "schema": "aggregate",
    "user": "myuser",
    "password": "mypassword"
  },
  "security": {
    "hostname": "sandbox.aggregate.opendatakit.org",
    "forceHttpsLinks": true,
    "port": 80,
    "securePort": 443,
    "checkHostnames": false
  },
  "tomcat": {
    "uid": "tomcat8",
    "gid": "tomcat8",
    "webappsPath": "/var/lib/tomcat8/webapps"
  }
}

If you run cat /etc/nginx/sites-enabled/aggregate, it should be:

/etc/nginx/sites-enabled/aggregate

server {
    client_max_body_size 100m;
    server_name sandbox.aggregate.opendatakit.org;

    location / {
        proxy_pass http://127.0.0.1:8080;
    }

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/sandbox.aggregate.opendatakit.org/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/sandbox.aggregate.opendatakit.org/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = sandbox.aggregate.opendatakit.org) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    server_name sandbox.aggregate.opendatakit.org;
    listen 80;
    return 404; # managed by Certbot
}

elliott1177 · September 7, 2019, 9:23pm

Thank you very much for the help, I ran the first command and it said my "hostname" was my old domain. I then ran the second command and it said that the server_name was my old domain. How do I update this? Also my new domain name is associated with the floating ip of my digital ocean droplet.

JosephKi · January 10, 2020, 12:32pm

Thanks very much. I have used the same guidance and it worked well
Appreciate it