Questions tagged as ['certbot']
I have a LEMP server at home running Ubuntu 22.02 and an Oracle cloud instance running Ubuntu 20.04. The Oracle cloud instance is acting as a Wireguard server. The LEMP server at home is acting as the Wireguard Client, and is being tunneled through the Oracle server in order to obtain an IP address that is different from my home IP address. I have set up this Wireguard Client/Server configuration per

I did the following:
sh-3.2# certbot certonly --manual --preferred-challenges=dns --email admin@example.com --server https://acme-v02.api.letsencrypt.org/directory --agree-tos -d *.someDomainlab.com
and got results:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Press Enter to Continue
Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/l ...

I installed a cert for my server a while ago using certbot, and can't remember if I set it up as a wildcard or not. What command can I run to see if it is or not?

I have an NGINX server and I use Certbot to generate a Let's Encrypt certificate. I saw that my certificate was not renewing automatically despite the cron I had set up. I tried to renew it manually with the command:
$ certbot renew --cert-name pbx.info.eu --nginx
Could not choose appropriate plugin: The manual plugin is not working; there may be problems with your existing configuration. The error ...

I have successfully managed to install SSL via certbot into my Nginx Docker container, but after installation, all traffic routed via HTTPS refuses to connect.
curl https://www.example.com
or curl https://the_ip_of_server
curl: (7) Failed to connect to example.com port 443 after 9822 ms: Connection refused
~Port 443 is open on the server (AWS Lightsail)
curl http://www.example.com
<html>
<head& ...

Using certbot 1.26.0.
Due to moving some certificate configurations to another server and creating new ones, I now have two accounts. That was not intended and I think I don't need two accounts.
All renewal files (in /etc/letsencrypt/renewal) contain server = https://acme-v02.api.letsencrypt.org/directory and are all of the same kind (nginx configurations, where just the domain differs).
So, ...

I have a domain (let's say example.com), and I currently have a Let's Encrypt certificate set up and properly working for example.com and www.example.com for Apache on an Amazon Linux 2 AMI EC2 instance, and I'm trying to reconfigure the certificate to set it up for a wildcard domain (i.e., *.example.com).
I SSH'ed into the EC2 instance and ran the following command in an attempt to do this (with the rea ...

lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
and have installed certbot via apt-get
My issue is that this is the second time the certificates have expired, and the cron (also systemd service) installed by certbot is not working.
I see this file created:
/lib/systemd/system/certbot.timer
[Unit]
Description=Ru ...

I have an Ubuntu server with a website and a setup with postfix, dovecot, and roundcube.
All was working well. But this week, I have extended the WordPress website from 1 single-site to 6 sites (multisites). As such, I extended the CertBot certificate with the new domains.
In order to do this, I added virtualhosts to /etc/apache2/sites-enabled/domain.com.conf. I ran the certbot command for the domai ...

My nginx.conf file is as follows:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
#the above include brings in the following default files:
#50-mod-http-image-filter.conf
#50-mod-http-xslt-filter.conf
#50-mod-mail.conf
#50-mod-stream.conf
events {
worker_connections 500;
}
http {
include /etc/nginx/proxy.conf;
limi ...

I have a Spring Boot application on Google Cloud, CentOS 7. I wish to install an SSL certificate via Let's Encrypt and Certbot. When I use the certbot --apache -d mydomain.zone command I receive an error:
My domain is registered on Namecheap. My A records on Google Cloud:
Also I provided google cloud nameservers in Namecheap like in this tutorial: https://www.wpmentor.com/setup-domain-google-cloud-platform ...

On my server I have special permissions that I set on my public_html folder.
First the sticky bit
chmod g+s /home/domain.com/public_html
Also default group permissions.
setfacl -m 'default:group::rwX' /home/domain.com/public_html
When I run my certbot command
certbot certonly \
--webroot \
-w /home/domain.com/public_html/ -d domain.com
certbot will create a .well-known/acme-challenge ...

This has to be a duplicate, but I have been searching for a long time and have not found anything.
When I type in the address of my website using http, I get the NginX default page (https works fine):
http://svija.love
The NginX config file contains, at the end:
server {
if ($host = svija.love) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name svija.l ...

Not sure how to quickly summarize this issue, so I will put my scenario in bullet points:
- Normal basic nginx install
- I only use https(443), so I removed all http(80) config
- When you start nginx (or restart it), the process seems to listen on port 80 as well (ss -tulp)
- When I add a config in /etc/nginx/sites-enabled with a listener on http(80) and then;
- Reload nginx, using systemctl reload nginx (note: rel ...

I'm not familiar with any of this proxy stuff.
I can't seem to find a solution to this issue. Right now when I type ex.domain.com it redirects to the IP address 192.168.1.202. How do I get it to visit that address but keep ex.domain.com?
I have port forwarding set up for nginx and if I remove "proxy_pass" it shows the nginx page with the domain URL, which is what I want.
For server_name loca ...

So there is this server that is all messed up, but that is beside the point.
I ran certbot and it failed. Checked the vhost for port 80. It has the blanket redirect.
It does not seem like it would cause a problem, right? Well, it is. I commented it out and certbot ran no problem.
So then I tried creating a new vhost just for certbot. "ServerName domain.com.well-known Directory /var/www/certbot" Then runn ...

I'm using an Ubuntu 20.04 server on Azure, with Nginx, PHP-FPM, and two websites.
The sites are example.com and sub.example.com and they are with the certificate issued by certbot and working fine.
I added a third site with a different domain example2.com and it worked fine. But when I add certbot to this third site, they all stop working, and Nginx doesn’t stop and doesn't show any error.
I added the c ...

After I ran certbot --nginx browsers cannot access css of my website.
style.css is located in ./styles of root of my site.
The error is Failed to load resource: net::ERR_CERT_COMMON_NAME_INVALID style.css:1
Edited: string from my .html files (where example.com is my site domain):
<link rel="stylesheet" type="text/css" href="https://www.example.com/styles/style.css">
Edited: my tree -p outpu ...

This error is from dovecot, where it can't read the certificate because of permissions. I tried changing permissions around; presently I have everything on 644. I understand the paths are only links to /etc/letsencrypt/archives file paths, so I really don't know what's going on. I don't know how perms on links affect the targets.
mail dovecot: imap(example_user)<28542><mxY1sjPSlsxHvuNn>:
Panic: Se ...

I am trying to renew my certbot certificates running the command
certbot renew
and I get this error
2021-12-02 10:46:30,686:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2021-12-02 10:46:30,779:DEBUG:acme.client:Sending GET request to https://acme-staging-v02.api.letsencrypt.org/directory.
2021-12-02 10:46:30,783:INFO:requests.packages.urllib3.connectionpool:Starting ...

I am trying to run certbot on an ECS instance which is running a docker image (docker.io/existdb/teipublisher). The image runs well and I have associated it with a custom subdomain teipub.dh-dev.com using an elastic IP.
Trying to install and run certbot so I can have an HTTPS connection has proven to be surprisingly difficult.
Running as root, I install nginx with:
sudo amazon-linux-extras list | grep n ...

I have a server which runs 2 different web servers (Apache and Nginx). The Apache server takes care of all the traffic directed to WordPress sites whereas the Nginx server serves my Python API and React Web App.
Due to conflicting ports with Apache, I had to set up the API to run on port 88 and the React app to run on 90. I tested it this way and it worked. All the requests will be forwarded to 4 ...

I found that Google cannot access my page (this is a follow up of https://webmasters.stackexchange.com/questions/137407/page-cannot-be-crawled-by-google-at-all)
Now I am thinking it might be a server configuration error.
I am using Letsencrypt certbot and the cloudflare-dns plugin to obtain a wildcard certificate. The page can be accessed just fine in Google Chrome and Firefox, but for example PageSpeed I ...

I have a site https://www.sqeazy.com on an Ubuntu 18.04.1 AWS Lightsail VM running an nginx webserver and using Letsencrypt certbot SSL. The site was running without problems but when I checked it today, client browser returned ERR_TOO_MANY_REDIRECTS and nginx error log shows
[crit] 2707#2707: *768 SSL_do_handshake() failed (SSL: error:14209102:SSL routines:tls_early_post_process_client_hello:unsuppor ...

I recently ran a certbot command using --webroot on a server. Everything worked fine for 8+ hours.
This morning my frontend went down. Upon investigation I discovered that the apache2 service was down. It was masked for some reason so I unmasked it. It restarted but did not work. I tried to run a configtest but apache2ctl was not found. I ran sudo apt install apache2. Now everything is working ag ...

The server:
I use Nginx as an ingress-proxy for my server. Nginx runs within a Docker container.
docker-compose.yml:
nginx_ingress:
  image: nginx:latest
  ports:
    - "80:80"
    - "443:443"
  networks:
    front-tier: {}
    back-tier:
      ipv4_address: 172.28.1.1
  restart: always
  volumes:
    - /var/lib/my-server/config/nginx_ingress:/etc/nginx/conf.d
    - /var/li ...

Using Certbot to install an R3 Let's Encrypt certificate on an nginx webserver causes all the other domains in the nginx configuration to be included under "Subject Alternative Name" on the certificate. This is undesirable for my use case.
I read the man page here and some other Stack Exchange posts here and here.
Regarding the use of alternative names, the man page says (and I don't fully understand):

On my Ubuntu (20) server I have a Docker container running on port 3000. I have now installed NGINX on the server and point a domain via a reverse proxy to the Docker container.
server {
listen 80;
server_name sub.domain.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_hea ...

My NGINX config has a single server defined, and in server-name I have both my domains listed. However, I'd like to keep their SSL certificates separate if possible. I tried using certbot twice, once for each domain, but it seems certbot changes the server's ssl_certificate path in the NGINX config to match the second domain and overwrites the first domain. Is there a way around this?
Thanks!

I want to install certbot using snap, and I tried the official instructions:
sudo snap install core; sudo snap refresh core
sudo snap install --classic certbot
but it returns:
error: cannot perform the following tasks:
- Run configure hook of "certbot" snap if present (run hook "configure": /var/lib not root-owned 1000:1000)
Previously, I uninstalled certbot (from apt) by using the below command:
...