Just started to use LetsEncrypt on site and it works well, much quicker than doing standard SSL. Is there a way to do that with the NodeWorx SSL for InterWorx, mail, etc.?
Hello–
Here you go:
To generate an LE cert for the hostname to use for system services (must be a domain that resolves to the server but is NOT a SiteWorx account): How to: Manage SSL Certificates For System Services — InterWorx documentation
To use the LE cert of a domain for system services: How to: Manage SSL Certificates For System Services — InterWorx documentation
As a note, all documentation can be found at docs.interworx.com, which redirects to the appendix link above.
Edit–each of those links goes to the respective section of the doc, for some reason the forum decided to just format the link preview as the article title each time.
Thanks,
-Jenna
1 Like
Thanks! I was close, but forgot about the […] button (still adjusting to the awesome new version).
Some notes while we are discussing this, the option text now shows “Update Service Certificates” instead of “Update All Services” as it shows in the docs.
Also, for the “To Generate System Service SSL Certificates using Let’s Encrypt” one, I’m a bit confused by the help text next to hostname on the form.
Domain doesn’t resolve to this server or belongs to a SiteWorx account.
I understand the does not belong to a SiteWorx account since you should use source Domain for that, but shouldn’t the domain resolve to the server? That’s how I have it now actually. Maybe I’m just reading that wrong?
To me it seems like it should read
Domain resolves to this server, but does not belong to a SiteWorx account
Hello–
There is a bug report already on file to make that wording clearer.
Also re the button name, thanks I didn’t notice the wording changed on that button when I converted the IW6 doc to IW7.
Thanks,
-Jenna
I’m having a very odd issue whereby emails sent through SMTP aren’t being encrypted and wonder if it’s because of what was mentioned in this thread above…
NodeWorx system is using nodeworx.mydomain.com as the host name and for all system SSL’s…
Additionally, I have a SiteWorx account setup for the primary domain so that it can also be hosted as a website as: mydomain.com and www.mydomain.com.
Is this a conflict, or in violation of:
must be a domain that resolves to the server but is NOT a SiteWorx account
If so, could this be why I’m having strange SSL/Email issues?
Hello–
That message means, in order to create a Let’s Encrypt cert for the system services, the hostname must resolve to the server and not also be a SiteWorx account.
Did you create SSL certs for the system services?
Does the sending domain have an SSL cert that covers mail.domain.com?
Thanks,
-Jenna
Perhaps that’s my issue.
Currently, server.domain.com resolves to the server and is the NodeWorx system hostname as well as what the system SSL’s are.
Additinally, just www.domain.com and domain.com IS SETUP as a SiteWorx account.
Are you saying that NodeWorx needs a completely unique domain for NodeWorx to work properly?
The biggest issue I’m having is that the system SSL’s for server.domain.com are ALWAYS misconfigured and signed for, not domain.com, nor server.domain.com, but in fact, they’re being misconfigured as another domain from SiteWorx… this is causing all sorts of issues whereby when SMTP mail is sent through server.domain.com, the encryption fails when recieved because the SSL is NOT actually signed by server.domain.com, but it’s signed by this arbitrary other domain from SiteWorx (NodeWorx misconfigures the SSL cerrtificates for server.domain.com).
So, back to my original quesiton… can we NOT have NodeWorx setup as a hostname such as unique.my-domain.com. And then, as well, have a website setup under SiteWorx for my-domain.com
Must NodeWorx always use a completely server.unique.com domain for NodeWorx and NEVER have unique.com used in SiteWorx?
TLDR, should I be purchasing a brand new completely unique domain to be used ONLY in NodeWorx?
Meaning, it’s a violation in InterWorx for server.domain.com to be used for NodeWorx, and www.domain.com to be used as a website in SiteWorx?
Using server.domain.com for NodeWorx and having domain.com as a SiteWorx account should not be an issue. For the purposes of cert generation, these are two different domains.
As Jenna had asked before, please let us know if you already have certs generated for NodeWorx. If so, this further points to this not being the issue as the system will actively prevent you from creating the cert when this conflict occurs.
Thank you,
Brandon
Okay, good to know, thank you.
I’m stumped then. My NodeWorx is signing server.domain.com certificates with a completely different and incorrect domain (an arbitrary domain from SiteWorx).
I’ve had an ongoing ticket open with LiquidWeb for 6+ days, and they haven’t made any headway to resolve the issue. This is a new server, so I suspect something must have gone wrong during creation.
Either way, the issue seems to just keep getting worse:
- Can’t login properly to NodeWorx (every page refresh get a certificate error, so using NodeWorx is pretty much impossible (forms wont submit properly))
- SMTP mail is always signed incorrectly from every SiteWorx domain when using SMTP
Is there any possible way to have someone from InterWorx resolve this issue? I think LW is out of their depth and unable to help (24+ hours between responses and the responses are never helpful).
Hello–
Technically, LW is your point of contact for support, and they would escalate to us, directly, if needed. However, being that you’ve gone back and forth with them for a bit and they haven’t made much headway, it seems, we can take a look directly for you, as a courtesy. 
Please submit a ticket to support.interworx.com. Make sure that you provide the hostname or IP, as well as the SSH port if it is anything other than 22. Also make sure that Remote Assistance is enabled–that lets us access the server, securely, but we cannot do anything if that is not enabled: How to Enable Remote Assistance — InterWorx documentation
In your ticket, please provide exact steps as to how I can reproduce the issue(s), as well as as much detailed information as you can provide, including troubleshooting steps that have been taken, so far. The more info I have up front, the better I can help.
Note–we don’t really have 24/7 support, and our hours end at 4pm EST. Just to manage expectations, since you mentioned waiting for responses from LW. If I don’t see your ticket this afternoon, I’ll be able to address it in the morning–we open at 8am EST.
Thanks,
-Jenna
Thank you so much. I’ve been tearing my hair out for almost a week.
It will take me sometime as currently NodeWorx is competely inaccessible due to SSL errors. So enabling anything in NodeWorx is impossible at the moment (even when bypassing the SSL errors to load a page).
Thanks again for your replies and consideration.
Hello–
You don’t need to do anything in NodeWorx. You can enable remote assistance at the CLI–instructions are in that doc.
If you don’t have CLI access, though, you’ll need to have LW open a ticket with us for you.
Thanks,
-Jenna