Hi community,
I’m struggling to get the HTTPS connection to run for my LibreTime server, which runs on radiotnp.com.
The Icecast part of my server seems to be secured, at least I’m assuming so, because I see the Icecast admin login when I go to radiotnp.com:8443.
When I go to radiotnp.com however, I get a 500 http error -
Here are the steps I followed:
- I installed LibreTime on Ubuntu 20.4 on a new Digital Ocean droplet, using the LibreTime installer.
- Before I ran the installer, I secured my page radiotnp.com using Certbot and Nginx reverse proxy as per the install docs.
- I added all relevant ports to the firewall allowed ports:
root@radio-tnp-ubuntu-server:/etc# sudo ufw status
Status: active
To Action From
-- ------ ----
Nginx Full ALLOW Anywhere
22/tcp ALLOW Anywhere
22,80,8000/tcp ALLOW Anywhere
8001,8002/tcp ALLOW Anywhere
8443/tcp ALLOW Anywhere
443/tcp ALLOW Anywhere
8080 ALLOW Anywhere
Nginx Full (v6) ALLOW Anywhere (v6)
22/tcp (v6) ALLOW Anywhere (v6)
22,80,8000/tcp (v6) ALLOW Anywhere (v6)
8001,8002/tcp (v6) ALLOW Anywhere (v6)
8443/tcp (v6) ALLOW Anywhere (v6)
443/tcp (v6) ALLOW Anywhere (v6)
8080 (v6) ALLOW Anywhere (v6)
Here’s the Ngingx /nginx/sites-eneabled/radiotnp.com.conf:
server {
listen 80;
server_name radiotnp.com;
client_max_body_size 512M;
client_body_timeout 300s;
if ($host = radiotnp.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
return 404; # managed by Certbot
}
server {
listen 443 ssl;
server_name radiotnp.com;
ssl_certificate /etc/letsencrypt/live/radiotnp.com/fullchain.pem; # m>
ssl_certificate_key /etc/letsencrypt/live/radiotnp.com/privkey.pem; #>
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
client_max_body_size 512M;
client_body_timeout 300s;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_pass http://localhost:8080/;
}
}
These are the error logs of Nginx:
root@radio-tnp-ubuntu-server:/etc# sudo tail /var/log/nginx/libretime.error.log
2024/08/04 17:55:25 [error] 785571#785571: *77 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught ErrorException: yaml_parse_file(): parsing error encountered during parsing: did not find expected key (line 212, column 7), context while parsing a block mapping (line 204, column 7) in /usr/share/libretime/legacy/application/configs/conf.php:238
Stack trace:
#0 [internal function]: exception_error_handler()
#1 /usr/share/libretime/legacy/application/configs/conf.php(238): yaml_parse_file()
#2 /usr/share/libretime/legacy/application/configs/conf.php(427): Config::load()
#3 /usr/share/libretime/legacy/application/Bootstrap.php(5): Config::getConfig()
#4 /usr/share/libretime/legacy/vendor/zf1s/zend-application/library/Zend/Application.php(340): require_once('/usr/share/libr...')
#5 /usr/share/libretime/legacy/vendor/zf1s/zend-application/library/Zend/Application.php(202): Zend_Application->setBootstrap()
#6 /usr/share/libretime/legacy/vendor/zf1s/zend-application/library/Zend/Application.php(99): Zend_Application->setOptions()
#7 /usr/share/libretime/legacy/a" while reading response header from upstream, client: 79.110.62.113, server: , request: "GET http://example.com/ HTTP/1.1", upstream: "fastcgi://unix:/run/libretime-legacy.sock:", host: "example.com"
Previously, I used to get a “SSL handshake failed” error - not sure what exactly changed tough, so that the “SSL handshake failed” is not there anymore.
I have tried every possible solution from the docs and community and I’m completely lost at this point. If installed LibreTime 4 times on new droplets, but can’t fix the SSL issue.
What should I check?
If someone can help me out here, I’d massively appreciate it!
