From renew certificate to disaster

  • Hello

    I has a few months to play with omv and new -old features. In the mean time got an email from letsencrypt that one of my certificates for my domain in expires. So I should somehow update it.
    Back then when I had it setup used this guide . At some point he issued the command docker logs -f letsencrypt and I thought that this line created the cerificate since the outcome had the message <<Congradulations! Your certificate and chain have been saved at...blah blah. After a 2 month period and having received the letsencrypt email about expiration of the certificate I tried to find how to issue the update command and how that command would understand which cerificate need to update.

    I came across a site issuing the openssl comand and by the command

    $ echo | openssl s_client -servername NAME -connect HOST:PORT 2>/dev/null | openssl x509 -noout -dates

    got an answer as to when the certificate expires. The answer was not a straight forward one since I got this outcome

    notBefore=Jul 24 22:15:07 2019 GMT
    notAfter=Oct 22 22:15:07 2019 GMT (It doesnt say if it ends at a specific date or it is already expired)

    Anyway the real problem came afterwards since I couldnt Generate CSR From the Existing Key using OpenSSL with the command
    $ openssl req -new -key example.key -out example.csr -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/"since I didnt know what to replace with what. In addition nowhere inside the letsencrypt folder had a file with .key only .pem So I came across another site mentioning the certbot. And all went wrong after command sudo apt-get install certbot -t stretch-backportsStarted downloading stuff and somewhere I noticed a message about removing packs. It ended with an error (unfortunately didnt copy the whole procedure) and after that couldn start the web ui (getting an 403 Forbidden nginx) of OMV even if it has the same ip address as before and can SSH with PUTTY to the same IP address. I dont know what to do. Sorry for my lengthy post. PS 1.What the hell did that command alters the whole system? 2. i re-run the command but I think now it finished with no errors. Still no web access

  • small update.... I am able to access heimdall for example and through that my other containers like netdata , Airsonic...etc but not the main web ui page due to forbidden 403
    Also from cli omv-firstaid seems not to exist anymore

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!