Unable to setup SSL


Since v104 is out, and LetsEncrypt is no longer available, i’m getting a lot of trouble setting up SSL.

I’ve followed https://dietpi.com/phpbb/viewtopic.php?f=8&t=5&start=10 and checking all details but with no success.

Details of /etc/apache2/sites-enabled/default-ssl.conf:

<IfModule mod_ssl.c>
        <VirtualHost mydomain:443>
                ServerAdmin webmaster@mydietpi
                ServerName mydietpi.mydomain
                DocumentRoot /var/www

                LogLevel error
                ErrorLog /error.log
                #CustomLog /access.log combined

                SSLEngine on

                SSLCertificateFile /etc/apache2/ssl/apache.crt
                SSLCertificateKeyFile /etc/apache2/ssl/apache.key

                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars

                BrowserMatch "MSIE [2-6]"                                 nokeepalive ssl-unclean-shutdown                                 downgrade-1.0 force-r$
                BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

Please help me with this issue

Thanks in advance,

Hi Micose,

I assume you are running Wheezy? LetsEncrypt is available on the Jessie image. If its not too late to change to Jessie, i would highly recommend it. LetsEncrypt is a godsend when it comes to SSL.

I’am not 100% if I have tested this on Wheezy, so this may be an error on my part. I’ve slowly been moving over to Jessie as all the other DietPi images (Odroid/VM/OPI etc) are also Jessie.
If Wheezy is critical to your setup, let me know and I will test this on a new installation and report back if changes are needed. However, it may be a few days before I will have the time available to do this.

Yes i am running Wheezy and Wheezy is not critical for my project at the moment.

I want to run a couple of services on dietpi and mainly use apache for a small webpage to manage my services and computers inside the house, like WOL via DietPi.

Perhaps it is best to start over with Jessie… small bump on the road.

Appreciate the help! :smiley:

Ah brilliant. Means I can continue work on v105 for a bit :smiley:

Sounds like an interesting project. If you get into any trouble down the road, just let me know and I’ll see if I can help.

Hi expert,
My environment is Nginx+MaiaDB.
CertBot only support apache in Dietpi-software hint, can I use it in Nginx with DietPi version:128 ? or can I use another way to enable SSL in Nginx?

I have try to install CertBot manually, and finished *.pem generation.
My plan is to install owncloud/wordexpress in same Nginx, but I don’t know how to config .conf file with SSL before start install OC/WP.

drwxr-xr-x 2 root root 4096 8月 14 01:57 .
drwx------ 3 root root 4096 8月 14 01:57 …
lrwxrwxrwx 1 root root 39 8月 14 01:57 cert.pem → …/…/archive/myhttpsURL/cert1.pem
lrwxrwxrwx 1 root root 40 8月 14 01:57 chain.pem → …/…/archive/myhttpsURL/chain1.pem
lrwxrwxrwx 1 root root 44 8月 14 01:57 fullchain.pem → …/…/archive/myhttpsURL/fullchain1.pem
lrwxrwxrwx 1 root root 42 8月 14 01:57 privkey.pem → …/…/archive/myhttpsURL/privkey1.pem

Can you provide suggestions to me?

You need first to convert .pem to .crt and .key file

openssl x509 -outform der -in cert.pem -out cert.crt

openssl rsa -outform der -in privkey.pem -out private.key

copy the files to nginx /etc/nginx/ssl
create the folder if its not present.

The Software installation from diepi create for nginx one default site config
also named default - you find it here:


edit the first server section on top
that should be present:

server {
    listen 80 default_server;

to the new ssl config:

server {
    listen 443 ssl;
    ssl_certificate /etc/nginx/ssl/cert.crt;
    ssl_certificate_key /etc/nginx/ssl/private.key;

restart the webserver

/etc/init.d/nginx restart

You can also create a new config only for OC without modification on the default conf


btw. You can find here a sample.

Thanks Bob, excellent walk-though and guide! Good stuff :slight_smile:

You’re welcome! :slight_smile: