Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Problem getting started with certbot -- RESOLVED
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
Fred Krogh
Veteran
Veteran


Joined: 07 Feb 2005
Posts: 1025
Location: Tujunga, CA

PostPosted: Thu Jun 29, 2017 5:41 pm    Post subject: Problem getting started with certbot -- RESOLVED Reply with quote

I decided that if it was easy I'd allow https instead of http on my web sites. When I run "cerbot --apache", there are failures with this message
Quote:
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
I suspect it has to do with my firewall. Port 80 is passed through to my server using the TCP protocol. If this is the problem, is there something to be done about it? If not, what is likely to be the problem? Many thanks,
Fred


Last edited by Fred Krogh on Sat Jul 01, 2017 12:06 pm; edited 1 time in total
Back to top
View user's profile Send private message
wolvie
n00b
n00b


Joined: 01 Mar 2004
Posts: 27

PostPosted: Fri Jun 30, 2017 8:56 pm    Post subject: Reply with quote

try running:

Quote:
certbot --apache -d domain


or

Quote:
certbot --webroot -w webroot-path


in case of fail please paste some extra logs (no sensible information through)
Back to top
View user's profile Send private message
Fred Krogh
Veteran
Veteran


Joined: 07 Feb 2005
Posts: 1025
Location: Tujunga, CA

PostPosted: Fri Jun 30, 2017 9:37 pm    Post subject: Reply with quote

The second option you mentioned suggests using certonly. The first option fails in the same way. After trying a bunch of different things and looking at what is coming in on /var/log/messages, I just got this message.
Quote:
An unexpected error occurred:
There were too many requests of a given type :: Error creating new authz :: Too many invalid authorizations recently.
Please see the logfiles in /var/log/letsencrypt for more details.
And with this I just realized where the log file for certbot is stored.

From the log file I can see it is trying to use port 443 which is for https. My router does not pass that port on. So if I change my router to allow this and certbot ever forgives me, perhaps it will work for me. Many thanks.
Back to top
View user's profile Send private message
wolvie
n00b
n00b


Joined: 01 Mar 2004
Posts: 27

PostPosted: Fri Jun 30, 2017 10:46 pm    Post subject: Reply with quote

the block usually drops within 1 hour
Back to top
View user's profile Send private message
Fred Krogh
Veteran
Veteran


Joined: 07 Feb 2005
Posts: 1025
Location: Tujunga, CA

PostPosted: Sat Jul 01, 2017 12:05 pm    Post subject: Reply with quote

Adding port 443 to my router and all works as simple as it could be.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum