OMV 4.1.10 and Letsencrypt Plugin

1. offizieller Beitrag

    So I had been running OMV on my RaspberryPi3 out of necessity for awhile now (several months) and yesterday I picked up a Q8300/8gb ram and I decided to install on that and use it instead. Previously I'd had Letsencrypt running on it without issue and installing seemed pretty straight forward. Well this time it's crapping out and I'm suspecting its because the certificate won't authenticate where I already had it setup with the old server. I'm getting something like this on generate.


    Command: export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /usr/bin/certbot certonly --non-interactive --test-cert --rsa-key-size 2048 --text --keep-until-expiring --agree-tos --allow-subset-of-names --cert-name angmcd.ddns.net --email gpeverill@gmail.com --webroot -w / -d angmcd.ddns.net 2>&1


    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Obtaining a new certificate
    Performing the following challenges:
    http-01 challenge for angmcd.ddns.net
    Using the webroot path / for all unmatched domains.
    Waiting for verification...
    Challenge failed for domain angmcd.ddns.net
    Cleaning up challenges
    Challenges failed for all domains
    Done...



    Ideas? I still have access to the RaspberryPi and the /etc/letencrypt. :/

    • Offizieller Beitrag

    Your webroot definitely should not be the root directory (/).

    omv 7.0.5-1 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.11 | compose 7.1.3 | k8s 7.1.0-3 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github - changelogs


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    Thank you that helped after changing webroot it was almost good to go. I created the cert. it went through and I was all good! that is until I realized that I frigging created a test cert (I had accidentally turned on the switch while noodling around). Now it complains the cert is still valid (which it still would be):




    Command: export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin; export LANG=C; /usr/bin/certbot certonly --non-interactive --rsa-key-size 2048 --text --keep-until-expiring --agree-tos --allow-subset-of-names --cert-name angmcd.ddns.net --email gpeverill@gmail.com --webroot -w /var/www/openmediavault -d angmcd.ddns.net 2>&1
    Cert exists: 1


    Saving debug log to /var/log/letsencrypt/letsencrypt.log
    Plugins selected: Authenticator webroot, Installer None
    Cert not yet due for renewal
    Keeping the existing certificate


    -------------------------------------------------------------------------------
    Certificate not yet due for renewal; no action taken.
    -------------------------------------------------------------------------------


    What would be the easiest way to do this? revoke the cert on the other machine using something like..


    certbot revoke --cert-path /PATH/TO/cert.pem --key-path /PATH/TO/key.pem


    on the raspberry pi with the old OMV install with the working letsencrypt?

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden