SSL Certs

  • I hope this is the correct place to seek help with an ssl error I am having on omv.


    Specs: Optiplex 7010 MT/ i5-3570 / 16 gb ram


    Error: ssl certs generated from docker linuxserverio/letsencrypt and self signed will not apply.

    Behavior: After applying changes I get an alert "An error occured." After this occurs I can no longer access admin gui until I use omv-firstaid to reconfigure webpanel.


    If I try to navigate to https://duckdns.ip or https://local.ip I get an error as below


    bqTi9wm.jpg[=


    System logs show :


    nginx[27977]: nginx: [emerg] bind() to [::]:443 failed (98: Address already in use)


    Docker compose for reference:

    Port 443 is open on my router. I am likely overlooking something small, but any help is greatly appreciated.

  • At a first glance, the ports are wrong in your compose file. You never touch the right end side of that.


    For example i have:


    Code
    ports:
    - 450:443
    - 90:80

    And your problem with OMV UI is that OMV uses port 80. So you have to change both left hand sides to something else, like i did.


    You can't have both OMV UI and the continer listening on port 80. Only one thing.


    Remove the old container before you start the new one.

  • Thanks, I am now getting somewhere. Though it seems I'm not quite there yet. I am still getting an ensecure page warning. It seems to be just connecting http.


    I did get these errors:


    'nginx' failed protocol test [HTTP] at [127.0.0.1]:443 [TCP/IP] -- Connection refused

    Could not generate persistent mac address veth9482511: no such file or directory.

  • Try to go to www.vbopen.duckdns.org instead of vbopen.duckdns.org.


    As stated into the container documentation, due as a limitation of duckdns, the certificates only work for the subdomain. "www" is a subdomain.


    It's not important to use http or https. Using port 80 the http request will be automatically converted to https. There is a config file that do that but do not remember what file is precisely.

  • If you come up with the config I am interested. I hit rate limit for letsencrypt messing around with it so much today :(


    So I'll have to check into it again later. Self signed still throws the same error with the "www"

  • I didn't see any earlier, but could have missed them. I'll retest it in 5 days, which is rate limit suspension time


    Edit: correction, its 5 per hour. Will update post soon


    Edit: Forgot to mention the self signed cert gives the same error:


    Could not generate persistent mac address veth9482511: no such file or directory.

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!