I have been trying to set up HTTPS with DigitalOcean following the instructions found here: DigitalOcean - Rocket.Chat Docs (in particular, the “Setting up HTTPS” section).
After running the code rocketchatctl configure --lets-encrypt --root-url=https://chat.kwonfred.com --letsencrypt-email=fred@kwonfred.com I am still unable to access the server at https://chat.kwonfred.com. Additionally, I am unable to access Rocket Chat at http://Droplet-IP:3000 (e.g. http://147.182.222.xxx:3000) that I could previously access.
That is, how do I properly configure the “https://chat.yourcompany.com” part with my own domain name to properly configure HTTPS with a DigitialOcean Rocket Chat server?
Can you tell us what the output of the letsencrypt command was?
Also DO uses traefik, can you add some of its logs?
journalctl -eu traefik
One last thing, I just checked and there doesn’t seem to be any A records associated with chat.kwonfred.com. Maybe you changed the domain name for this post, but if not, make sure you have the correct DNS records set.
Thank you so much for your reply. Here are the logs:
-- Logs begin at Fri 2021-07-30 06:43:26 UTC, end at Tue 2021-08-03 17:32:58 UTC. --
Aug 02 16:38:50 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 systemd[1]: Stopping Traefik...
Aug 02 16:38:50 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 systemd[1]: traefik.service: Succeeded.
Aug 02 16:38:50 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 systemd[1]: Stopped Traefik.
Aug 02 16:38:50 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 systemd[1]: Starting Traefik...
Aug 02 16:38:52 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 systemd[1]: Started Traefik.
Aug 02 16:39:00 rocketchat-ubuntu-s-1vcpu-1gb-intel-nyc1-01 traefik[45735]: time="2021-08-02T16:39:00Z" level=error msg="Unable to obtain ACME certificate for domains \"chat.kwonfred.com\" : unable to generate a certificate for the domains [chat.kwonfred.com]: acme: Error -> One or more domains had a problem:\n[chat.kwonfred.com] acme: error: 400 :: urn:ietf:pa>
lines 1-7/7 (END)
I actually did not change the domain name for this post. I have very limited experience working with domains / DNS in general. I own kwonfred.com, but how would I go about setting a URL that I can use to set up SSL for Rocket Chat set up with DigitalOcean?
This is a good article on the second option. I actually recommend you go with that one. Look at the Gif that is embedded in that article.
In a gist, you need to select A to be the type of the record, then for host, enter just the subdomain part (chat in your case), and finally enter the IP that this subdomain should point to.
First thing you need to do is read the article I linked. Then follow those instructions for your own registrar. It shouldn’t be much different. After that’s done, wait. ping the domain ping -c1 chat.kwonfred.com to see if it resolves to your droplet’s IP or not. Once it does, rerun the rocketchatctl command, and you should be able to access your server on https://chat.kwonfred.com
If you have any questions regarding this, feel free to reply here, we’re here to help.