here is let’s encrypt.
with my fav channel on youtube.
After following the instructions and being prompted to choose a configuration file I’m lost in the last instruction. It calls to change the documentroot in 000-default-le-sssl.conf but one doesnt exist in /etc/apache2/sites-available or sites-enabled. Just default-ssl and 000-default. Help? Thank you!
i see the same thing on my end
Thanks for this documentation - it seems to work for my box. Is there a reason why we cannot include this into the core?
I think certbot is actually easier and it’s sponsored by the EFF. It doesn’t get much simpler than certbot…just select which web server and OS you’re running and it gives you a few lines of code to copy-paste. Check it out: https://certbot.eff.org/
Seems nice! I will try it at next certificate renewal
Feel free to submit a pull request with the addition and we will gladly give it a review and possible add.
do we need to set something for CSF for auto renewal?
Did you see my post above? Check out: https://certbot.eff.org/ . Hope that helps you!!
No CSF uses symlinks (points to original LE cert). I was having permission issues with Deluge and ZNC so had to make a copy of the cert within their dirs.
Got error setting this up
Please read the Terms of Service at
https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf. You must agree
in order to register with the ACME server at
Obtaining a new certificate
Performing the following challenges:
tls-sni-01 challenge for xxx.me
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. xxx.me (tls-sni-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for xxx.me
If you lose your account credentials, you can recover through
e-mails sent to [email protected].
The following errors were reported by the server:
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
Your account credentials have been saved in your Certbot
configuration directory at /etc/letsencrypt. You should make a
secure backup of this folder now. This configuration directory will
also contain certificates and private keys obtained by Certbot so
making regular backups of this folder is ideal.
I’m using kimsufi and I setup cloudflare
this is setting I got from here
I setup domain with cloudflare
I would advise you to fix your LetsEncrypt certificate on your current nameserver, before moving it to CloudFlare. And also from the pictures you’ve attached I’m failing to see that you’ve pointed your nameservers to Cloudflare. Thats a must if you want CF to handle all traffic
The installation failed when I choose 000-default… so I had to choose default-ssl.conf and manually change the crt and key file paths in order to make it work.
I assume that there is something within that string that I should change because of this, right? Do I just enter
sed -i "s|DocumentRoot /var/www/html|DocumentRoot /srv/rutorrent/home/|g" /etc/apache2/sites-enabled/default-ssl.conf && service apache2 restart
and get away with it?
oh I see, so you saying just remove cloudflare from domain and only keep
Kimsufi <-> Domain and do it that way 1st then later on add Cloudflare Kimsufi <-> Cloudflare <-> Domain
done… now I have removed and fixed my domain with my kimsufi DNS … lets see if that works and loads up the page/dashboard
If you have the site being handled by the CloudFlare edge nodes (Cloud Icon Orange on the domain) then Lets Encrypt tries using the CloudFlare IP and not your Server IP. Please set the icon to grey before attempting to install your certificate.
Using JMSolo + SavageCore guide, Letsencrypt is working on my quickbox setup.
Only little hiccup is when I click on the Plex link on the left side, it returns:
The requested URL /web/ was not found on this server.
Apache/2.4.18 (Ubuntu) Server at $myserver$ Port 443
I’ll see if I can find where the problem is and post here if I find it.
this is due to it not having a reverse proxy that works so no
it works if you set up plex server and use ip but other wise not so much thanks to one of plex updates.
Thanks for the information.
I’ll stick to using IP:port for now until a fix comes out / if it does…
A post was split to a new topic: Get other programs on QuickBox using LE certs