Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] Let's Encrypt acme-challenge and apache2
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
NismoC32
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 197

PostPosted: Thu Aug 10, 2017 10:12 pm    Post subject: [SOLVED] Let's Encrypt acme-challenge and apache2 Reply with quote

I was wondering if someone could help with getting
Let’s encrypt acme-callenge to work using apache2.
I have ben fiddling with this for a while and I seem to be stuck.

Here are my config files:
My Letsencrypt renewal file /etc/letsencrypt/renewal/mydom.com.conf

Code:

# renew_before_expiry = 30 days
cert = /etc/letsencrypt/live/mydom.com/cert.pem
privkey = /etc/letsencrypt/live/mydom.com/privkey.pem
chain = /etc/letsencrypt/live/mydom.com/chain.pem
fullchain = /etc/letsencrypt/live/mydom.com/fullchain.pem
version = 0.13.0
archive_dir = /etc/letsencrypt/archive/mydom.com

# Options and defaults used in the renewal process
[renewalparams]
installer = None
authenticator = webroot
account = «alot of numbers and characters»
[[webroot_map]]
mydom.com = /var/www/localhost


Apache2 00_default_vhost.conf:
Code:

Listen 80

<VirtualHost *:80>
<------>ServerName www.mydom.com
<------>ServerAlias mydom.com
<------>
<------>Include /etc/apache2/vhosts.d/default_vhost.include

<------><IfModule mpm_peruser_module>
<------><------>ServerEnvironment apache apache
<------></IfModule>

# Lets encrypt cerbot renew:
Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/localhost/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>

</VirtualHost>
</IfDefine>

# vim: ts=4 filetype=apache


and my apache2 default_vhost.include

Code:
ServerAdmin admin@mydom.com
DocumentRoot "/var/www/localhost/htdocs/nextcloud"
<Directory "/var/www/localhost/htdocs/newxcloud">
<------>Options Indexes FollowSymLinks
<------>AllowOverride All
<------>Require all granted
</Directory>

<Directory "/var/www/localhost/cgi-bin">
<------>AllowOverride None
<------>Options None
<------>Require all granted
</Directory>

<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>

# vim: ts=4 filetype=apache


When I try to run certbot renew I get this error:

Code:
Domain: mydom.com
Type: unauthorized
Detail: Invalid response from
http://mydom.com/.well-known/acme-challenge/«alot of numbers and characters»:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Not Found</title>
</head><body>
<h1>Forbidden</h1>
<p"




Any help would be greatly appreciated.
Let me know if more info is needed.

[Moderator edit: changed [quote] tags to [code] tags to preserve output layout. -Hu]


Last edited by NismoC32 on Fri Aug 11, 2017 1:49 am; edited 2 times in total
Back to top
View user's profile Send private message
Ant P.
Watchman
Watchman


Joined: 18 Apr 2009
Posts: 5589

PostPosted: Thu Aug 10, 2017 10:47 pm    Post subject: Re: Let's Encrypt acme-challenge and apache2 Reply with quote

NismoC32 wrote:
Quote:
Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>

# vim: ts=4 filetype=apache

First line there has an extraneous "s" and the second has a typo.
Back to top
View user's profile Send private message
NismoC32
Apprentice
Apprentice


Joined: 07 Apr 2003
Posts: 197

PostPosted: Thu Aug 10, 2017 10:57 pm    Post subject: Re: Let's Encrypt acme-challenge and apache2 Reply with quote

Ant P. wrote:
NismoC32 wrote:
Quote:
Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>

# vim: ts=4 filetype=apache

First line there has an extraneous "s" and the second has a typo.


Thanks noticed it too yust before you respond, and it fixed it !
Thanks :D

A Little tip to others, remember to include the 'alias' module in make.conf for apache2 :)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum