Hi all, through the letsencript plugin I had created the certificate to have an HTTPS connection to my NAS.
The certificate has expired and I can no longer update it, should I have updated it before the deadline?
How can I do now?
It also gives me error messages when creating a new certificate.
Problem with letsencrypt certificate
-
- OMV 3.x
- dexter2478
-
-
You need to revert to Http temporaly and delete old cert from NAS, once done you can generate a new cert to use it and revert to https, not know if other way is possible, but this must work because is simmilar to first time you generate the cert.
-
Tonight, when I come home I try and let you know, thank you!
-
-
I am having a similar issue right now. I disabled forced HTTPS to renew the certificate, and I got a response that the certificate renewal was successful, but when I checked the certificate information in Chrome, it's still showing the certificate that is due to expire today.
-
I am having a similar issue right now. I disabled forced HTTPS to renew the certificate, and I got a response that the certificate renewal was successful, but when I checked the certificate information in Chrome, it's still showing the certificate that is due to expire today.
This happens on OMV 3 because the private cert is not updated on renewal. Try purging the plugin and reinstalling. OMV 4 shouldn't have this issue.
-
Okay. I assume I will have to regenerate the certificate once I reinstall it?
-
-
I assume I will have to regenerate the certificate once I reinstall it?
yep.
-
This happens on OMV 3 because the private cert is not updated on renewal. Try purging the plugin and reinstalling. OMV 4 shouldn't have this issue.
I think it's time to move to OMV 4.x then! Is it stable, right? I
Just to not be blocked again next time, the certificates must be updated before the deadline ??
-
Is it stable, right?
Depends on what plugins you use. Core OMV 4.x is stable in my opinion.
the certificates must be updated before the deadline ?
This should happen automatically with the cron job that the plugin creates.
-
-
Depends on what plugins you use. Core OMV 4.x is stable in my opinion.
Plex, Transmission, SMB, FTP, USBBackup, let's encrypt, docker....
-
Plex, Transmission, SMB, FTP, USBBackup, let's encrypt, docker....
If you move plex and transmission to docker, you will be fine.
-
If you move plex and transmission to docker, you will be fine.
I'll keep this in mind! thank you
-
-
Unfortunately, today I have not been able to solve the problem. I've set everything up in HTTP, removed the letsencrypt plugin, but I can not delete the certificate that is on OMV's "SYSTEM -> CERTIFICATE" pages ... and I think that creates problems for me. If you have any solution to recommend ....
Otherwise as soon as I have time, step directly to 4.x
-
but I can not delete the certificate that is on OMV's "SYSTEM -> CERTIFICATE" page
If it is in use, then you can't delete it.
-
Se è in uso, non è possibile eliminarlo.
in fact, I realized only now that it was in use in FTPS.
Now I managed to delete it!
-
-
now I'm returning this error:
Challenges failed for all domains
-
Hello there, I'm getting the same issue. My certificate just expire and I can't make a new one (Challenges failed for all domains). And yes I tried what people said here.
If anyone have a fixThanks
ps : Forgot logs :v
Code
Alles anzeigenServer: nginx Content-Type: application/json Link: <https://acme-v01.api.letsencrypt.org/acme/new-cert>; Replay-Nonce: rNm0Xu3khwkBAizn8Im30_nWan32QNLRhXEu35EHQTw X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Content-Length: 4137 Expires: Sat, 07 Jul 2018 17:03:19 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Sat, 07 Jul 2018 17:03:19 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "xxxxx.me" }, "status": "invalid", "expires": "2018-07-14T17:03:16Z", "challenges": [ { "type": "http-01", "status": "invalid", "error": { "type": "urn:acme:error:connection", "detail": "Fetching http://xxxx.me: Error getting validation data", "status": 400 (...) "type": "dns-01", "status": "invalid", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/t_4_G7NEojW3oz9ZrsDNO4iqaW582BVauuKNUExBu_c/5521325074" "token": "oJIUf4mUseXqPBuFd3ANCKc9ft_Uk80-gfYXnxnGS4g" } ], "combinations": [ [ 1 ], [ 0 ] ] } 2018-07-07 19:03:47,516:WARNING:certbot.auth_handler:Challenge failed for domain xxxxx.me 2018-07-07 19:03:47,516:DEBUG:certbot.error_handler:Calling registered functions 2018-07-07 19:03:47,517:INFO:certbot.auth_handler:Cleaning up challenges 2018-07-07 19:03:47,517:DEBUG:certbot.plugins.webroot:Removing /var/www/openmediavault/.well-known/acme-challenge/m1xTuwR 2018-07-07 19:03:47,517:DEBUG:certbot.plugins.webroot:All challenges cleaned up 2018-07-07 19:03:47,517:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in <module> load_entry_point('certbot==0.25.0', 'console_scripts', 'certbot')() File "/usr/lib/python3/dist-packages/certbot/main.py", line 1323, in main return config.func(config, plugins) File "/usr/lib/python3/dist-packages/certbot/main.py", line 1213, in certonly lineage = _get_and_save_cert(le_client, config, domains, certname, lineage) File "/usr/lib/python3/dist-packages/certbot/main.py", line 120, in _get_and_save_cert lineage = le_client.obtain_and_enroll_certificate(domains, certname) File "/usr/lib/python3/dist-packages/certbot/client.py", line 383, in obtain_and_enroll_certificate cert, chain, key, _ = self.obtain_certificate(domains) File "/usr/lib/python3/dist-packages/certbot/client.py", line 326, in obtain_certificate orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names) File "/usr/lib/python3/dist-packages/certbot/client.py", line 362, in _get_order_and_authorizations authzr = self.auth_handler.handle_authorizations(orderr, best_effort) File "/usr/lib/python3/dist-packages/certbot/auth_handler.py", line 93, in handle_authorizations "Challenges failed for all domains") certbot.errors.AuthorizationError: Challenges failed for all domains
Jetzt mitmachen!
Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!