valet: cert issue / refused to connect
I am getting the refused to connect
screen. I can ping the sites no problem and get response. I believe it may have to do with the cert issued by valet secure
.
When I run sudo /usr/local/opt/nginx/bin/nginx -g 'daemon off;'
I receive the following response:
nginx: [emerg] PEM_read_bio_X509_AUX("/Users/<user>/.config/valet/Certificates/site.app.crt") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
Recently due to company requirements I had to change my user folder name and path in Mac OS Mojave. Prior to change had no issues with valet. I have followed every error issue to try and resolve with no luck.
About this issue
- Original URL
- State: closed
- Created 6 years ago
- Reactions: 3
- Comments: 33 (16 by maintainers)
Hi
Same issue with an empty *.crt being created from
valet secure
and at the same time nginx stops listening on port:80 (and never starts listening on port:443).Changing
$this->cli->runAsUser
to$this->cli->run
on line 307 in Site.php fixed the issue. https://github.com/laravel/valet/blob/fcaa484ee3a9d852456e5bd1775648a603d9ebed/cli/Valet/Site.php#L307-L310Things I’d try:
valet tld test
(or whatever TLD you want) This will rebuild all the certs.valet unsecure
andvalet secure
, to rebuild that specific certcat /Users/<user>/.config/valet/Certificates/site.app.crt
to see what’s in the cert. What’s the starting line actually say, vs the expected text indicated by the error message?@drbyte I can confirm changing line 307 to just
run
worked and resolved the issue. I had previously runValet trust
which stopped the prompt for password, but didn’t solve the issue.@mattstauffer I believe this can be closed.
@ylving wrote:
Thanks for this!
I just tested this on older versions: High Sierra (fresh-ish install) and El Capitan (old install) without any problems. Granted, some stuff was already in the KeyChain. But re-generation of certificates worked without issue.
Update: tested on an upgrade to Mojave and confirmed using
run
works correctly there, as you said. However, even after deleting the User (for a fresh valet config) and reinstalling valet and a fresh laravel site, I can’t recreate the empty-crt situation on this fresh Mojave 10.14.1 install, using eitherrun
orrunAsUser
.