SSL not authorized -> local server on public VPS

Hello i setup a local server in order to the desciption for setup an local Blynk Server (servername and mail are modify for this post).

i did generate my certifiates manual with letsencrypt:

>  - Congratulations! Your certificate and chain have been saved at:
>    /etc/letsencrypt/live/
>    Your key file has been saved at:
>    /etc/letsencrypt/live/
>    Your cert will expire on 2019-04-18. To obtain a new or tweaked
>    version of this certificate in the future, simply run
>    letsencrypt-auto again. To non-interactively renew *all* of your
>    certificates, run "letsencrypt-auto renew"

(after reboot and delete the iptable redirection)

The server Admin site can access and the manual letsencript certificate is valit (trust) when i call

also the app can successful connect the server via port 9443

here my log:

> Using native epoll transport.
> 15:29:08.992 INFO - Initializing gmail smtp mail transport. Username : SMTP host :
> 15:29:09.080 INFO - Reports : 0
> 15:29:09.083 INFO - Didn't find Let's Encrypt certificates.
> 15:29:09.083 WARN - You didn't specified '' or '' properties in file. Automatic certificate generation is turned off. Please specify above properties for automatic certificates retrieval.
> > 15:29:09.083 INFO - **Using native openSSL provider.**
> > 15:29:10.383 INFO - HTTP API and WebSockets server listening at 8080 port.
> > 15:29:10.385 INFO - HTTPS API, WebSockets and Admin page server listening at 9443 port.
> > 15:29:10.388 INFO - Mqtt hardware server listening at 8440 port.
> > 15:29:17.468 INFO - Blynk-app (android-22701) joined.

so in the

> hardware.mqtt.port=8440
> http.port=8080
> force.port.80.for.csv=false
> force.port.80.for.redirect=false
> https.port=9443
> listen.address=
> server.ssl.cert= /etc/letsencrypt/live/
> server.ssl.key= /etc/letsencrypt/live/
> server.ssl.key.pass=
> data.folder=
> ogs.folder=./logs
> log.level=info
> user.devices.limit=50
> user.tags.limit=100
> user.dashboard.max.limit=100
> user.widget.max.size.limit=20
> user.message.quota.limit=100
> notifications.queue.limit=2000
> blocking.processor.thread.pool.limit=6
> notifications.frequency.user.quota.limit=5
> webhooks.frequency.user.quota.limit=1000
> webhooks.response.size.limit=96
> user.profile.max.size=128
> terminal.strings.pool.size=25
> map.strings.pool.size=25
> lcd.strings.pool.size=6
> table.rows.pool.size=100
> stats.print.worker.period=60000
> web.request.max.size=524288
> hard.socket.idle.timeout=10
> enable.db=false
> async.logger.ring.buffer.size=2048
> admin.rootPath=/admin
> set.interface=eth
> allowed.administrator.ips=,::/0
> admin.pass=xxxxxxxxxxxxxxx

When i try connect the raspbery pi to this server i get the following message:

> sudo /etc/init.d/ start ..
> OnOff mode
> Connecting to: 9443
> SSL authorization...
> SSL not authorized
> Connecting to: 9443
> SSL authorization...
> SSL not authorized

additional i try it with index.js example but here the same result, when i connect the cloud it works, when i try connect my local blynk server i get te same message.

i stil have no idea why this issue comes up. Even the certification is installed and setup in the server setup.
I hope someone has an idea, what i did wrong.

After some more tests i found out that it must to do with the client side “server.crt”. I think i have to fill in here the certificate from the Blynk server. But I am not sure what i have to copy from where. I think it must be the letsencrypt file from the domaine . But where i can find this? What exactly should be the name? I find in the letsencrypt directory some .pem links. I try all content and exchange the server.crt file content with all 4 link results from my letsencrypt directory of my domain.

But no success too. So may it must be a othe file, but where i have to look for fnd this? In the server dir i not see any crt files…

What happens if you specify

I did but its not looks different:

10:06:54.349 INFO - Using data dir ‘/opt/blynk/Blynk’
10:06:55.794 INFO - Region : local. Host : blynk******.de.
10:06:55.859 INFO - Using native epoll transport.
10:06:56.753 INFO - Initializing gmail smtp mail transport. Username : webserver*** SMTP host :
10:06:56.890 INFO - Reports : 0
10:06:56.896 INFO - Didn’t find Let’s Encrypt certificates.
10:06:56.897 INFO - Automatic certificate generation is turned ON.
10:06:56.897 INFO - Using native openSSL provider.
10:06:58.379 INFO - HTTP API and WebSockets server listening at 8080 port.
10:06:58.382 INFO - HTTPS API, WebSockets and Admin page server listening at 9443 port.
10:06:58.392 INFO - Mqtt hardware server listening at 8440 port.

Give Blynk a Github star! =>
OnOff mode
Connecting to: blynk****.de 9443
SSL authorization…
SSL not authorized

I am sure it must have to do with the server.crt, but i don`t understand the documentation i found on the blynk site:

i think here is the solution, but where i can find the server.crt on my blynk server for copy to the cient…

So what i read is that the pem of letsencrypt is the same content of a crt file. so i just need rename the extention. but i try use the key and certification content from letsencrypt without success… i realy frustrating now…

seems no help for this issue?

Here is my Blynk server launch

/usr/bin/java -jar /SAVE/blynk/server-0.41.2.jar -dataFolder /SAVE/blynk &

Here is my file


Here is the directory of my keys.

root@ffdp:/# ls /etc/keys

Hopefully this might give you some tips?

Note that i have these two lines… some would say these are the most important to the file.

It not helps, but thanks for your configurations. I will setup a local server in my Lan, inside I don’t need ssl.