Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

eriktobben's avatar

Problem after renewing SSL certificate

Hi,

My SSL certificate expired yesterday, and today I updated it. It is a PositiveSSL from Conmodo.

I am using Forge and I updated the certificate as I normally do. After the certificate was installed, when I try to access site.domain.com, I get redirected to test.domain.com or stage.domain.com. I then tried to install the certificate again, same problem. I also tried a Lets Encrypt certificate and the same problem appears.

If I access the site with http:// it works, but I get a TokenMismatchException on POST requests. There have been no changes to the code, and it all worked yesterday.

I have tried restarting nginx and the server with no luck. The nginx-config file have the correct domains and config/app.php have the correct site url.

This is a Laravel 5.1 app.

Does anyone have any idea on what could cause this?

0 likes
5 replies
bobbybouwmann's avatar

Are you sure your nginx config has the correct path to the SSL file?

click's avatar

Yes as bobby already said. Check the config of your site (/etc/nginx/sites-available/{yoursite}.conf). Last week I also had issues with (manually) renewing a certificate with Forge (and LetsEncrypt) and after that my nginx config was messed up. I had to manually fix it. Not sure though why it happened but it was linking to the wrong certificate and later on the ssl_certificate_key row was missing.

Look for the ssl_certificate and ssl_certificate_key in the config. Do they link to the correct (latest) certificate and key?

I only know how it should look for LetsEncrypt certificates with Forge. It should look something like:

ssl_certificate /etc/nginx/ssl/{site}/{some-number}/server.crt;
ssl_certificate_key /etc/nginx/ssl/{site}/{some-number}/server.key;

this path should be the same as you see in the interface of Forge.

eriktobben's avatar

This is what my nginx config looks like from Forge, and is the same as the path under SSL in the control panel:

server {
    listen 443 ssl;
    server_name site.domain.com;
    root /home/forge/site.domain.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl_certificate /etc/nginx/ssl/site.domain.com/123456/server.crt;
    ssl_certificate /etc/nginx/ssl/site.domain.com/123456/server.crt;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    index index.html index.htm index.php;

    charset utf-8;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/site.domain.com/server/*;
click's avatar
click
7 years ago
Best Answer
Level 35

@eriktobben yes exactly the same happened with me last week. ssl_certificate is set twice. It should look like:

    ssl_certificate /etc/nginx/ssl/site.domain.com/123456/server.crt;
    ssl_certificate_key /etc/nginx/ssl/site.domain.com/123456/server.key;

and reload nginx after this change: sudo service nginx reload

Please or to participate in this conversation.