1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • letsyncrypt issue

    From Dumas Walker@VERT/CAPCITY2 to All on Thu Feb 12 09:01:49 2026
    This week, I have started having certificate issues. letsyncrypt is enabled, running, and I have not touched the configs for it.

    Firefox users are getting a security warning which, on further inspection, is complaining about a self signed cert. Here is what appears on the BBS side during such a connection:

    2/12 08:46:38 web 0062 TLS WARNING 'Received TLS alert message: Bad certificate' (-26) popping data

    Chrome also throws a security warning. Locally:

    2/12 08:48:49 web 0057 TLS WARNING 'Received TLS alert message: Certificate unknown' (-26) setting session active

    Running the event, or running letsyncrypt from cli, don't offer any clues of a potential issue:

    2/12 08:50:02 evnt BBS Events Semaphore signaled for Timed Event: SYNCRYPT
    2/12 08:50:02 evnt SYNCRYPT Running native timed event: ?letsyncrypt.js
    2/12 08:50:02 evnt SYNCRYPT Timed event: '?letsyncrypt.js' returned 0

    Running from cli produces no clues:

    $ ./jsexec letsyncrypt.js

    JSexec v3.21a-Linux master/123f2d28a - Execute Synchronet JavaScript Module Compiled Jul 12 2025 20:59 with GCC 12.2.0

    Loading configuration files from /home/bbs/ctrl
    JavaScript-C 1.8.5 2011-03-31
    JavaScript: Creating runtime: 8388608 bytes

    Reading script from /home/bbs/repo/exec/letsyncrypt.js /home/bbs/repo/exec/letsyncrypt.js compiled in 0.00 seconds /home/bbs/repo/exec/letsyncrypt.js executed in 0.06 seconds

    JavaScript: Destroying context
    JavaScript: Destroying runtime

    The contents of my ini file:

    ; $Id: letsyncrypt.ini,v 1.1 2019/07/24 22:32:54 rswindell Exp $
    ; For use with exec/letsyncrypt.js
    ; See http://wiki.synchro.net/module:letsyncrypt for details

    Host = acme-v02.api.letsencrypt.org
    Directory = /directory
    TOSAgreed = true
    GroupReadableKeyFile = false

    [Domains]
    capitolcityonline.net = /sbbs/webv4/root
    capcity2.synchro.net = /sbbs/webv4/root
    classic.capitolcityonline.net = /sbbs/webv4/root/classic.capitolcityonline.net

    [key_id] acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme /acct/108002992

    [State]
    DomainHash= (redacted)
    Host=acme-v02.api.letsencrypt.org

    Is anyone else having issues?

    $$
    ---
    þ Synchronet þ CAPCITY2 * Capitol City Online
  • From Digital Man@VERT to Dumas Walker on Thu Feb 12 14:11:33 2026
    Re: letsyncrypt issue
    By: Dumas Walker to All on Thu Feb 12 2026 09:01 am

    This week, I have started having certificate issues. letsyncrypt is enabled, running, and I have not touched the configs for it.

    Firefox users are getting a security warning which, on further inspection, is complaining about a self signed cert. Here is what appears on the BBS side during such a connection:

    2/12 08:46:38 web 0062 TLS WARNING 'Received TLS alert message: Bad certificate' (-26) popping data

    Chrome also throws a security warning. Locally:

    2/12 08:48:49 web 0057 TLS WARNING 'Received TLS alert message: Certificate unknown' (-26) setting session active

    Running the event, or running letsyncrypt from cli, don't offer any clues of a potential issue:

    2/12 08:50:02 evnt BBS Events Semaphore signaled for Timed Event: SYNCRYPT 2/12 08:50:02 evnt SYNCRYPT Running native timed event: ?letsyncrypt.js
    2/12 08:50:02 evnt SYNCRYPT Timed event: '?letsyncrypt.js' returned 0

    Running from cli produces no clues:

    $ ./jsexec letsyncrypt.js

    letencrypt.js support command-line options too: https://wiki.synchro.net/module:letsyncrypt

    The contents of my ini file:

    ; $Id: letsyncrypt.ini,v 1.1 2019/07/24 22:32:54 rswindell Exp $
    ; For use with exec/letsyncrypt.js
    ; See http://wiki.synchro.net/module:letsyncrypt for details

    Host = acme-v02.api.letsencrypt.org
    Directory = /directory
    TOSAgreed = true
    GroupReadableKeyFile = false

    [Domains]
    capitolcityonline.net = /sbbs/webv4/root
    capcity2.synchro.net = /sbbs/webv4/root
    classic.capitolcityonline.net = /sbbs/webv4/root/classic.capitolcityonline.net

    [key_id] acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme /acct/108002992

    [State]
    DomainHash= (redacted)
    Host=acme-v02.api.letsencrypt.org

    Is anyone else having issues?

    I'm not having issues. When I check your domain with this tool: https://www.ssllabs.com/ssltest/analyze.html?d=capitolcityonline.net
    it reports that you have a Certificate name mismatch, clicking ignore/continue it then reports that it's self-signed.

    If I try https://www.ssllabs.com/ssltest/analyze.html?d=capcity2.synchro.net it also reports a self-signed cert. So it definitely seems like the certificate being sent out doesn't match your letsyncrypt.cfg.

    One thing you can do is disable self-signed cert generation by setting SCFG->System->Security->Create Self-signed Certificate to "No".
    --
    digital man (rob)

    Synchronet "Real Fact" #130:
    Synchronet v3.20b was released on January 3, 2025 (3 years after v3.19b)
    Norco, CA WX: 65.7øF, 49.0% humidity, 6 mph WNW wind, 0.00 inches rain/24hrs ---
    þ Synchronet þ Vertrauen þ Home of Synchronet þ [vert/cvs/bbs].synchro.net