openmediavault-letsencrypt

    • OMV 3.x
    • Ok silly error from my side:

      My nginx configuration was wrong. Should be:

      Display Spoiler


      location ^~ /.well-known/acme-challenge/ {
      allow all;
      root /var/www/openmediavault;
      try_files $uri =404;
      }


      Thus without acme-challenge directory, otherwise LE did not have permission to create this folder.

      Now it workt to generate certificate.

      thanks.

      The post was edited 1 time, last by wouterve ().

    • Hallo zusammen,
      leider bekomme ich es nicht hin das Zertifikat zu erstellen. Folgende Fehlermeldung kommt
      Display Spoiler

      Command: export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /usr/bin/certbot certonly --non-interactive --test-cert --rsa-key-size 2048 --text --keep-until-expiring --agree-tos --allow-subset-of-names --cert-name Letsencrypt --email XXXXXX@hotmail.com --webroot -w /var/www/openmediavault/ -d 123456.ddns.net 2>&1


      Saving debug log to /var/log/letsencrypt/letsencrypt.log
      Starting new HTTPS connection (1): acme-staging.api.letsencrypt.org
      Obtaining a new certificate
      Performing the following challenges:
      http-01 challenge for 123456.ddns.net
      Using the webroot path /var/www/openmediavault for all unmatched domains.
      Waiting for verification...
      Challenge failed for domain 123456.ddns.net
      Cleaning up challenges
      Challenges failed for all domains
      Fertig...





      Port 80 und 443 im Router sind offen. Meine DynDNS funktioniert nur über Port 443!!! Was kommt mir da in die Quere? (nginx?)
      Ps. Ich habe meine Dyndns abgeändert
      Kann mir jemand helfen?
    • cleimarcia wrote:

      Hello,
      unfortunately, I can not get the certificate. The following error message comes (look at #522)

      Port 80 and 443 in the router are open. My DynDNS only works over port 443 !!! What comes in the way? (Nginx?)
      Ps. I have changed my Dyndns
      Can someone help me?
      Hello, you have to check :
      **if your ddns is registered and known from the Internet (with a dnslookup, dig, etc...)
      **your omv-webgui security settings ("general settings).
      **delete self-signed cert + resetting access to http on 80 works for me.
      I've ddns too, certificat is now created but it doesn't work in firefox (due to a misconfig from my side regarding 'subject alt name')