[Question] Can someone help me figure out why my encryption settings don't work?

[ghost]

Prerequisites

Please answer the following questions for yourself before submitting an issue. YOU MAY DELETE THE PREREQUISITES SECTION.

• I am running the latest version
• I checked the documentation and found no answer
• I checked to make sure that this issue has not already been filed

Issue Details

• Version of AdGuard Home server:
  • 0.103.3
• How did you setup DNS configuration:
  • System
• Operating system and version:
  • Solus 4.1 Fortitude

Expected Behavior

AdGuard Home to let me use my website and encryption certificate to enable HTTPS

Actual Behavior

"Certificate chain is invalid"
"This is an invalid private key"
"You have specified an empty certificate"

Screenshots

Screenshot:

Additional Information

Certificate issued by: Sectigo RSA Domain Validation Secure Server CA
Website hosted/maintained using domain.com

[DandelionSprout]

The closest suggestion I can come up with, based on this pretty limited information (which is admittedly limited for good reasons), is that there's actually two certificates that must be pasted in the certificate section, and not just one. At least this is the case when it comes to Let's Encrypt, where the 2nd certificate seems to identify the group who issued the certificate.

[ghost]

That might be a problem then because this is all I'm given

[DandelionSprout]

That is admittedly a problem, at first glance. I guess someone would have to google around for how Sectigo's certificates work and how to use them in APIs or other webservers.

[ghost]

I'll look into it, and see if there's anything I can do to help

Edit: This actually seems like what might be needed
https://sectigo.com/uploads/resources/Sectigo_API-Simple_Overview.pdf

[szolin]

Can you send us your certificate to [email protected] ?
Without the private key, of course.

[ghost]

Yes, I will do that right now

[ghost]

Reopening the issue to ask if there's any update on this? I still can't connect my AdGuard Home server to my website.

[ameshkov]

I guess the easiest way to resolve this is to use Let's Encrypt certs which are known to work properly with AGH, just follow the instruction:
https://github.com/AdguardTeam/AdGuardHome/wiki/Encryption#alternative-to-certbot-lego

[ghost]

Sadly, my current provider appears to have no support for this. The domain started out with a free Let's Encrypt certificate that I couldn't see any of the details to, the provider didn't allow it for some reason and that's why I chose to pay for the upgraded certificate in some hopes that it would work with AdGuard Home. But, I now know this is something to take into account with the site and will end up switching to a more supported domain hosting service when this one expires.

[ameshkov]

Hmm, so weird, in theory you can change domain registrar whenever you want.

[ghost]

Hmm, so weird, in theory you can change domain registrar whenever you want.

I will definitely look into that, thanks!