Subj : letsyncrypt issue
To   : Dumas Walker
From : Digital Man
Date : Thu Feb 12 2026 02:11 pm

  Re: letsyncrypt issue
  By: Dumas Walker to All on Thu Feb 12 2026 09:01 am

 > This week, I have started having certificate issues.  letsyncrypt is
 > enabled, running, and I have not touched the configs for it.
 >
 > Firefox users are getting a security warning which, on further inspection,
 > is complaining about a self signed cert.  Here is what appears on the BBS
 > side during such a connection:
 >
 > 2/12 08:46:38 web  0062 TLS WARNING 'Received TLS alert message: Bad
 > certificate' (-26) popping data
 >
 > Chrome also throws a security warning.  Locally:
 >
 > 2/12 08:48:49 web  0057 TLS WARNING 'Received TLS alert message: Certificate
 > unknown' (-26) setting session active
 >
 > Running the event, or running letsyncrypt from cli, don't offer any clues of
 > a potential issue:
 >
 > 2/12 08:50:02 evnt BBS Events Semaphore signaled for Timed Event: SYNCRYPT
 > 2/12 08:50:02 evnt SYNCRYPT Running native timed event: ?letsyncrypt.js
 > 2/12 08:50:02 evnt SYNCRYPT Timed event: '?letsyncrypt.js' returned 0
 >
 > Running from cli produces no clues:
 >
 > $ ./jsexec letsyncrypt.js

letencrypt.js support command-line options too:
https://wiki.synchro.net/module:letsyncrypt

 > The contents of my ini file:
 >
 > ; $Id: letsyncrypt.ini,v 1.1 2019/07/24 22:32:54 rswindell Exp $
 > ; For use with exec/letsyncrypt.js
 > ; See http://wiki.synchro.net/module:letsyncrypt for details
 >
 > Host = acme-v02.api.letsencrypt.org
 > Directory = /directory
 > TOSAgreed = true
 > GroupReadableKeyFile = false
 >
 > [Domains]
 > capitolcityonline.net = /sbbs/webv4/root
 > capcity2.synchro.net = /sbbs/webv4/root
 > classic.capitolcityonline.net =
 > /sbbs/webv4/root/classic.capitolcityonline.net
 >
 > [key_id]
 > acme-v02.api.letsencrypt.org=https://acme-v02.api.letsencrypt.org/acme
 > /acct/108002992
 >
 > [State]
 > DomainHash= (redacted)
 > Host=acme-v02.api.letsencrypt.org
 >
 > Is anyone else having issues?

I'm not having issues. When I check your domain with this tool:
https://www.ssllabs.com/ssltest/analyze.html?d=capitolcityonline.net
it reports that you have a Certificate name mismatch, clicking ignore/continue it then reports that it's self-signed.

If I try https://www.ssllabs.com/ssltest/analyze.html?d=capcity2.synchro.net it also reports a self-signed cert. So it definitely seems like the certificate being sent out doesn't match your letsyncrypt.cfg.

One thing you can do is disable self-signed cert generation by setting SCFG->System->Security->Create Self-signed Certificate to "No".
-- 
                                            digital man (rob)

Synchronet "Real Fact" #130:
Synchronet v3.20b was released on January 3, 2025 (3 years after v3.19b)
Norco, CA WX: 65.7躘, 49.0% humidity, 6 mph WNW wind, 0.00 inches rain/24hrs

.