Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
[ Letsencrypt ][ 1.0.0.0 ] Free, automated, and open Certificate Authority.
#21
I did follow your guide, but apparently I made a stupid copy/paste error...  Blush 

I copied the line 
Code:
SSLCertificateFile "/raid/data/MOD_CONFIG/letsencrypt/live/mydomain/cert.pem"

and used that same line for the private key and chain file lines and only changed the name of the certificate so like this:
Code:
SSLCertificateFile "/raid/data/MOD_CONFIG/letsencrypt/live/mydomain/privkey.pem"
SSLCertificateFile "/raid/data/MOD_CONFIG/letsencrypt/live/mydomain/chain.pem"

Only this evening I noticed my mistake, corrected the code into
Code:
SSLCertificateKeyFile "/raid/data/MOD_CONFIG/letsencrypt/live/mydomain/privkey.pem"
SSLCertificateChainFile "/raid/data/MOD_CONFIG/letsencrypt/live/mydomain/chain.pem"

and it worked!  Smile 

Thank you for your work and assistance!

PS: just noticed that you did a similar mistake in your guide in the 3rd step of the procedure  Wink
Reply
#22
yes i know...but i forgot to update the guide Smile

PS: the guide is updated
------------------------------------------------------------------------
[Image: linkedinbutton.jpg][Image: btn_donate_LG.gif]
Please respect my work and dont share my modules
Reply
#23
You can change the cache directory by setting the PYTHON_EGG_CACHE environment variable to point to an accessible directory.
error/ pls help
Reply
#24
please post a bit more about the error
------------------------------------------------------------------------
[Image: linkedinbutton.jpg][Image: btn_donate_LG.gif]
Please respect my work and dont share my modules
Reply
#25
An unexpected error occurred:
ExtractionError: Can't extract file(s) to egg cache

The following error occurred while trying to extract file(s) to the Python egg
cache:

[Errno 28] No space left on device: '/some'

The Python egg cache directory is currently set to:

/some/other/dir

Perhaps your account does not have write access to this directory? You can
change the cache directory by setting the PYTHON_EGG_CACHE environment
variable to point to an accessible directory.
Reply
#26
but what is this /some/other/dir ? Can you post the correct path ?
Or tell me when it popup so i can try to reproduce it myself.
And what is your OS version ?
------------------------------------------------------------------------
[Image: linkedinbutton.jpg][Image: btn_donate_LG.gif]
Please respect my work and dont share my modules
Reply
#27
Hi outkastm

When i run "/raid/data/module/Letsencrypt/shell/module.rc certonly" in a ssh session i get the following error...

....
Performing the following challenges:
tls-sni-01 challenge for longo.no-ip.org
Cleaning up challenges
Problem binding to port 443: Could not bind to IPv4 or IPv6.

I just configured apache ssl to listen to 443 maintaning the default ssl configuration and certificates (using your module apache 2.4) and i can access it obviosly with certificate error...

Well... i found the cause... needed to stop apache...
After, it runs ok and after manual configuration of httpd-ssl.conf and a restart of apache everything ok.

Just place the post just in case of someone stoping by this problem.

Regards

JL
Reply
#28
letsencrypt is configured to run his own server which bind on 443.
This is done considering ThecusOS use the default port 443, and letsencrypt stop this server to run his own server.
Indeed there are some users like you, who changed the ThecusOS webserver port to something else than 443, and use port 443 to run an apache server.
In this case, letsencrypt should be run in different way, to use an existing server to create/renew certificates.
I will see for a way to update the script based on these 2 situation
------------------------------------------------------------------------
[Image: linkedinbutton.jpg][Image: btn_donate_LG.gif]
Please respect my work and dont share my modules
Reply
#29
Also followed your (well-written) guide but have an issue with creating the certificates:

NAS101:~# /raid/data/module/Letsencrypt/shell/module.rc certonly
Saving debug log to /raid/data/MOD_CONFIG/letsencrypt/log/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for dra101.onthewifi.com
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.
NAS101:~#



Here's the complete log:

2018-02-02 09:21:53,197Big GrinEBUG:certbot.error_handler:Calling registered functions
2018-02-02 09:21:53,198:INFO:certbot.auth_handler:Cleaning up challenges
2018-02-02 09:21:53,198Big GrinEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File "/raid/data/module/Letsencrypt/sys/venv/bin/certbot", line 11, in <module>
load_entry_point('certbot==0.20.0', 'console_scripts', 'certbot')()
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/main.py", line 861, in main
return config.func(config, plugins)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/main.py", line 786, in certonly
lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/main.py", line 85, in _get_and_save_cert
lineage = le_client.obtain_and_enroll_certificate(domains, certname)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/client.py", line 357, in obtain_and_enroll_certificate
certr, chain, key, _ = self.obtain_certificate(domains)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/client.py", line 318, in obtain_certificate
self.config.allow_subset_of_names)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/auth_handler.py", line 74, in get_authorizations
resp = self._solve_challenges()
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/auth_handler.py", line 115, in _solve_challenges
resp = self.auth.perform(self.achalls)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 221, in perform
return [self._try_perform_single(achall) for achall in achalls]
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 228, in _try_perform_single
_handle_perform_error(error)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 226, in _try_perform_single
return self._perform_single(achall)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 232, in _perform_single
servers, response = self._perform_http_01(achall)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 241, in _perform_http_01
servers = self.servers.run(port, challenges.HTTP01, listenaddr=addr)
File "/raid/data/module/Letsencrypt/sys/venv/lib/python2.7/site-packages/certbot-0.20.0-py2.7.egg/certbot/plugins/standalone.py", line 67, in run
raise errors.StandaloneBindError(error, port)
StandaloneBindError: Problem binding to port 80: Could not bind to IPv4 or IPv6.

To be more exact: port forwarding has already been setup on 80 & 443 on my router and the thecus page is accessible on both.
Reply
#30
i will have a look today. can you temporary change the port of Thecus WebUi to something else than 80 and try to run again letsencrypt ?
------------------------------------------------------------------------
[Image: linkedinbutton.jpg][Image: btn_donate_LG.gif]
Please respect my work and dont share my modules
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)