I took in the options in letsencrypt for the web root only a "/" is it okay? and in the nginx-plugin i use only namebased option for the domains. for more infos i have the complete letsencrypt logfile
No, you need the true path not the url path. So, it needs to be /var/www/ or whatever. If you use /, it will look in the root filesystem.
Thanks a lot, i have try it withe /var/www/ but the problem is not solved.
here is the detalided error
Connection: keep-alive
{
"identifier": {
"type": "dns",
"value": "my_domain"
},
"status": "invalid",
"expires": "2018-01-13T20:34:37Z",
"challenges": [
{
"type": "http-01",
"status": "invalid",
"error": {
"type": "urn:acme:error:unauthorized",
"detail": "Invalid response from http://my_domain/.well-known/acme-challenge/c1jnSBf_gR8GVHD4QWZ_pvLdgkQRiaSkxQ6gs9sSStI [XXX.XXX.XXX.XXX]: 404",
"status": 403i reinstall and activate the plugin and here is the log from the gui
Command: export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /usr/bin/certbot certonly --non-interactive --rsa-key-size 2048 --text --keep-until-expiring --agree-tos --allow-subset-of-names --cert-name my_domain --email admin@my_domain --webroot -w /var/www/ -d my_domain 2>&1
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for my_domain
Using the webroot path /var/www for all unmatched domains.
Waiting for verification...
Challenge failed for domain my_domain
Cleaning up challenges
Challenges failed for all domains
IMPORTANT NOTES:
- If you lose your account credentials, you can recover through
e-mails sent to admin@my_domain.
- Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
Fertig...In the /etc/letsencrypt there are only two folders renewal and accounts
I hope it helps to fix it.
/var/www/ but the problem is not solved.
That was an example directory not the one you should use.
okay, i understand,but how looks like the premissions from thins folder?
okay, i understand,but how looks like the premissions from thins folder?
I don't understand the question. The certbot files are written to the folder so the service can read them served by the web server.
no, I test different folders and make a new cert folder with the webgui. Then I tray /shatedfolders/certs/ it takes a new subfolder with .well-knowe/ but it doesn't work. Simulary error.
.well-known is not the certfolder.
This folder is generated by the certbot to look if the domain is available. A file is stored in this folder and deleted again to validate the address. That's how I understand that.
Your certificates are stored under /etc/letsencrypt/...
The folder you mean in the pluginsection is the folder, where your website is stored. E.g. /var/www/openmediavault or /var/www/vhosts/somthingelse.
thanks @DanieleU.
But when I use the nginx plugin an namebased servers I don't know who can I find it.
To find what?
The configpage for the namebased servers or the folder for your namebased servers?
The folders you must create separately.
I created for each namebased server a separate folder like so:
/var/www/vhosts/name.based1.tld
/var/www/vhosts/name.based2.tld
and so on.
You can create it as subfolder in /var/www/openmediavault too.
Don't forget to chown www-data:www-data the (sub)folders e.g. you will use next-/owncloud.
For the letsencrypt-plugin you must then create a entry for each domain in the domains section.
So i hope this will help you.
But when I use the nginx plugin an namebased servers I don't know who can I find it.
It is the path of the shared folder that you selected for each name-based server. So, something like /srv/dev-disk-by-label-e4/domain-com/ if your shared folder is named domain.com
@ryecoaaron
thanks a lot, but im so confusing.
my one nginxside is in the folder:
srv/dev-disk-by-label-data1/cloud/
thee other two sides are proxipas sides and i dont need some folders.
@DanieleU.
Thank you too, but what do i inside the folders? nothing ? /name.based1.tld -> It is a file or is it a folder?
/srv/dev-disk-by-label-data1/cloud/
In the letsencrypt plugin, you would enter this for a path then.
I have test it with only the domain with the folder.
but it doesn't work... the error looks the same
and i have a error in my nginx :
[error] 30833'30833:*1279 access forbidden by rule, client: 10.133.3.139, server my_domain, request:"GET/.well-known/acme-challenge /c1jnSBf_gR8GVHD4QWZ_pvLdgkQRiaSkxQ6gs9sSSts HTTP/1.1", host my_Domainbut it doesn't work... the error looks the same
Can you post the error log again? It should be a bit different.
Looks like the configuration of your site is blocking the files that certbot needs. Not sure how to help there.
have an input for the nginx options
I doubt he uses this plugin. Maybe you need to ask about the certbot error in the certbot forum.
crazy
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!