Letsencrypt problem


    • Letsencrypt problem


      Forgive my English, I'm using Google Translate.
      I hope this is the right section for my problem
      I was following the tutorial for Nextcloud remotely,
      when I ran into a problem.

      In this problem:


      IMPORTANT NOTES:
      Failed authorization procedure. XXXXXXX.duckdns.org (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from XXXXXXX.duckdns.org/.well-know…7Snd-SQlkjHW3YWQEyayo6OSs [XX.XX.X.XXX]: 404
      - The following errors were reported by the server:
      Domain: XXXXXXXXXX.duckdns.org
      Type: unauthorized
      Detail: Invalid response from XXXXXXX.duckdns.org/.well-know…7Snd-SQlkjHW3YWQEyayo6OSs [XX.XX.X.XXX]: 404
      To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address.
      ERROR: Cert does not exist! Please see the validation error above. The issue may be due to incorrect dns or port forwarding settings. Please fix your settings and recreate the container


      you all feel my last resort, I've been looking for solutions for two days without finding them
      I've been trying to learn openmediavault for a short time now, I love it and would like to learn how to use it better

      I apologize again for my bad english
      I hope you can help me

      Thanks in advance

      The post was edited 2 times, last by Pentothal ().
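
The error text in the post above carries enough to tell how far the validation request got. The following is an added example (not part of the thread and not certbot's own code) that parses it; the name `diagnose` and the hint wording are this example's assumptions, and the error-type names are those of RFC 8555.

```python
import re

# Constructed sample: the first sentence of the certbot message posted above,
# with the poster's redactions and truncated URL ("…") kept as posted.
SAMPLE = (
    "Failed authorization procedure. XXXXXXX.duckdns.org (http-01): "
    "urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient "
    "authorization :: Invalid response from "
    "XXXXXXX.duckdns.org/.well-know…7Snd-SQlkjHW3YWQEyayo6OSs [XX.XX.X.XXX]: 404"
)

# ACME error types (RFC 8555, section 6.7) and how far the CA's validation
# request got for each. The hint wording is this example's, not certbot's.
HINTS = {
    "dns": "CA could not look up the name: check the DNS A/AAAA record",
    "connection": "CA found the address but could not connect: check the "
                  "port 80 forward and any firewall in front of the host",
    "unauthorized": "CA connected and got an HTTP answer, but it was not "
                    "the challenge token",
}

HEAD = re.compile(r"(?P<domain>\S+) \((?P<challenge>[\w-]+)\): "
                  r"urn:ietf:params:acme:error:(?P<error>\w+)")
# Present only when the CA reached a server: "[address]: HTTP status".
TAIL = re.compile(r"\[(?P<ip>[^\]]+)\]: (?P<status>\d{3})")


def diagnose(message):
    """Return the fields of a failed-authorization line plus a hint."""
    head = HEAD.search(message)
    if head is None:
        return None  # not a certbot authorization failure
    result = head.groupdict()
    tail = TAIL.search(message, head.end())
    result.update(tail.groupdict() if tail else {"ip": None, "status": None})
    hint = HINTS.get(result["error"], "see the detail text from the CA")
    if result["error"] == "unauthorized" and result["status"] == "404":
        # Some web server answered on port 80 but did not have the token file.
        hint += "; find out which device or service answers port 80 from outside"
    result["hint"] = hint
    return result


if __name__ == "__main__":
    for key, value in diagnose(SAMPLE).items():
        print(f"{key:10} {value}")
```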

    • New

      Hello!
      What's your mother's language?

      Looks like the error says it couldn't resolve the hostname back to your local WAN IP:

      Are you familiar with DNS?
      If you ping your hostname (like XXXXXXXXXX.duckdns.org), does it show you the right IP address (the one that shows here: whatismyipaddress.com/fr/mon-ip)? Assuming you're on the site you're trying to reach from outside.
      Also, did you open the port that Let's Encrypt needs (80) on your firewall / modem?
    • New

      antipiot wrote:

      Hello!
      What's your mother's language?

      Looks like the error says it couldn't resolve the hostname back to your local WAN IP:

      Are you familiar with DNS?
      If you ping your hostname (like XXXXXXXXXX.duckdns.org), does it show you the right IP address (the one that shows here: whatismyipaddress.com/fr/mon-ip)? Assuming you're on the site you're trying to reach from outside.
      Also, did you open the port that Let's Encrypt needs (80) on your firewall / modem?

      Hello antipiot, I'm Italian, thank you for answering me.

      It's not the first time I use DNS, I understand how it works, but I'm not exactly an expert.
      Using the tutorial that I linked in the previous post, I can only connect to the modem login page,

      only in https, so I think the DNS correctly uses my IP.



      this is my port forwarding, I followed what the tutorial said

    • New

      Okay, so:

      Your OMV IP is .82 right?

      As I understand from your screenshots you forwarded the following:

      xxxxxxx.duckdns.org:443-450 80-90 to 192.168.1.82:443-450 80-90.
      Is that right?

      The thing is: If your NAT is working, if your NAS is at 192.168.1.82 and listening to forwarded ports:

      You should not get your router web GUI: this proves something's wrong with the NAT (if I get it right :) )

      What I would do is:

      Try to open WAN access to the OMV web GUI (which should already be the case, assuming your OMV is listening on 443) to validate the NAT parameters.

      Once this works, apply the same parameters for port 80 and try to generate the certificate again.

      Hope I'm clear :)
    • New

      antipiot wrote:

      Okay, so:
      Your OMV IP is .82 right?
      As I understand from your screenshots you forwarded the following:
      xxxxxxx.duckdns.org:443-450 80-90 to 192.168.1.82:443-450 80-90.
      Is that right?

      Yes, but only 443 works; all the other ports do not work. If I use xxxxx.duckdns.org:80 or 90 or the others, they do not work.
      If I use :4200 I will be directed to the shellinabox page.



      antipiot wrote:

      The thing is: If your NAT is working, if your NAS is at 192.168.1.82 and listening to forwarded ports:
      You should not get your router web GUI: this proves something's wrong with the NAT (if I get it right :) )

      the problem is that if I register now a new DNS with NO-IP or other,
      I will always get my modem access page


      antipiot wrote:

      What i would do is:
      Try to open WAN access to the OMV web GUI (which should already be the case, assuming your OMV is listening on 443) to validate the NAT parameters.

      I'm not sure I understand,
      but this is the activation page for remote modem access:


      qualsiasi WAN = any WAN
      abilita = enable

      The post was edited 1 time, last by Pentothal ().

    • New

      Pentothal wrote:

      I'm not sure I understand, but this is the activation page for remote modem access:


      qualsiasi WAN = any WAN
      abilita = enable

      I would suggest to disable those things, WAN side:
      A port can only be used for a device:
      EDIT: this is not clear: if you enable remote access to your router on port 443 then use this port in NAT.
      Your router will follow (I guess) the first matching case, which is routing to itself on port 443.
      Due to that, you'll not be able to use the ports used by remote access services when enabled.

      If you have 80 and 443 activated for WAN to Router, they can't be used for NAT.

      I'd suggest you disable all the WAN checks, as they block the needed ports for nothing.

      The post was edited 1 time, last by antipiot ().

    • New

      antipiot wrote:

      I would suggest to disable those things, WAN side:
      A port can only be used for a device:
      EDIT: this is not clear: if you enable remote access to your router on port 443 then use this port in NAT.
      Your router will follow (I guess) the first matching case, which is routing to itself on port 443.
      Due to that, you'll not be able to use the ports used by remote access services when enabled.

      If you have 80 and 443 activated for WAN to Router, they can't be used for NAT.

      I'd suggest you disable all the WAN checks, as they block the needed ports for nothing.

      I have already done this, I have disabled all the modem WAN inputs

      I have deleted all the containers from the docker and rewritten them
      the problem has not been solved

      I feel discouraged, I can not find a solution
    • New

      Don't feel discouraged :) Once you've gone through this you'll know what's up^^.

      So first of all it seems you're mixing things:

      Pentothal wrote:

      I have deleted all the containers from the docker and rewritten them
      the problem has not been solved

      The container and the remote access are not directly related: if you can't reach your Nextcloud from outside, it doesn't mean your Nextcloud is bad.

      1: run a docker Nextcloud - prove it is running from LAN: OK? If yes, what's the URL you use on LAN to reach it?

      go to step 2.

      2: Get a remote access to it by doing NAT.
    • New

      antipiot wrote:

      Don't feel discouraged :) Once you've gone through this you'll know what's up^^.

      So first of all it seems you're mixing things:
      The container and the remote access are not directly related: if you can't reach your Nextcloud from outside, it doesn't mean your Nextcloud is bad.
      1: run a docker Nextcloud - prove it is running from LAN: OK? If yes, what's the URL you use on LAN to reach it?

      go to step 2.

      2: Get a remote access to it by doing NAT.

      Today I received my new hardware for my NAS :D
      so I made a new installation of OMV, I tried again but the error is always the same

      If I enter :444 (mydomain.duckdns.org:444) I have a Nextcloud server error:
      Log in through an untrusted domain
      Contact your administrator. If you are an administrator, edit the "trusted_domains" setting in config/config.php as the example available in config/config.sample.php.

      Further configuration information is available in the documentation.

      I also translated the error message, I hope you understand :P
      Is there anything I need to set up in my modem, beyond port forwarding?