Letsencrypt not installing/renewing on EFA 3.0.2.6

General E.F.A. discussion
Post Reply
jogomes
Posts: 9
Joined: 12 Oct 2016 15:59

Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by jogomes » 11 Mar 2018 17:59

Hi to all,
:angry-banghead:
I searched and found some similarities but no actual solution or problem like this.

I have a EFA that has a letsencrypt 'manual' installation, and I wanted to change it to the automated one from the menu.

So this morning I tried to renew my cert from my EFA, but I cannot it keeps telling me that there is no Virtual Server running on port 80.

Despite some efforts, even activated the Virtualhost on port 80, nothing seems to work.
When I try to install/renew, it does an update of the Python to 3.4 version (?). Found somewhere that this can be a problem to certbot ??? But no solution found, or I didn't apply it to this system, since it has an automated procedure, and I want not to change it.

I'm not doing it again since I restored a snapshot and copied back the settings back to the production server since there were some emails that already entered and I want to keep it on history.

So, EFA is running with the 'old' cert, and I have 15 days to solve this issue until it expires.

Its not a FW problem, neither a NAT.
I tried the manual and automated ways, all failed with the same issue.

Looking for some help from you guys.

Stay sharp and well.

JG

theEFAmenace
Posts: 16
Joined: 30 Jun 2016 00:32

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by theEFAmenace » 17 Apr 2018 23:00

Same problem here, any solution ?

theEFAmenace
Posts: 16
Joined: 30 Jun 2016 00:32

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by theEFAmenace » 17 Apr 2018 23:30

I ended up adding a virtual host at the end of the httpd.conf - uncommented the last block and updated the details with my own.
Worked like a charm.

jamerson
Posts: 85
Joined: 19 Aug 2017 18:57

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by jamerson » 02 May 2018 12:40

Hi,
Do you have port 80/443 nat to your EFA ?

aetadmin
Posts: 1
Joined: 12 Jun 2018 20:58

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by aetadmin » 13 Jun 2018 16:34

I just had this problem too; my let's encrypt (letsencrypt) was not renewing the cert. I'm sure this is because I have the force ssl redirect enabled. So, I managed to fix it by the following:

edit the file /etc/httpd/conf.d/redirectssl.conf
and change it to this:

Code: Select all

RewriteEngine On

RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Notice that I also commented out the RewriteCond to check for HTTPS is not on. This will still redirect all HTTP requests, just not the ones for letsencrypt.

User avatar
pdwalker
Posts: 1087
Joined: 18 Mar 2015 09:16

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by pdwalker » 14 Jun 2018 09:08

:clap: Good tip!

User avatar
shawniverson
Posts: 2592
Joined: 13 Jan 2014 23:30
Location: Rushville, Indiana, USA
Contact:

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by shawniverson » 14 Jun 2018 21:43

Version 3.0.2.6 released! Update now to keep your eFa secure!

jamerson
Posts: 85
Joined: 19 Aug 2017 18:57

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by jamerson » 15 Jun 2018 23:36

Hi Guys,
after adding this line
RewriteEngine On

[*]RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

Whcih command we have to run to renew the SSL or it will do it automatically ?

northwindit
Posts: 11
Joined: 11 Apr 2016 18:32

Re: Letsencrypt not installing/renewing on EFA 3.0.2.6

Post by northwindit » 04 Sep 2018 15:16

I had this same problem and the solutions listed in here didn't work for me. Not even webmin would load. This was my solution to get everything working again. Just passing the info along in case it can help someone else.

////////////////////////////////////////////////////
Disable Lets Encrypt

Disable HTTPS Configure under EFA Menu 11 (Apache Settings)


sudo nano /etc/httpd/conf.d/redirectssl.conf
Paste the following and write out:

RewriteEngine On

RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

sudo nano /etc/httpd/conf/httpd.conf
Remove the line near the end: Listen 443

sudo nano /etc/httpd/conf.d/ssl.conf
remove the Include lets encrypt line at the end

sudo service httpd restart

Verify that /etc/httpd/conf.d/redirectssl.conf still contains the info above

Run EFA Menu 16 Lets Encrypt
This should now complete successfully

Run EFA Menu 11 Apache Settings and Configure HTTPS

Enable port 443 by typing "Y" and hit Enter... however do nothing after this and close the terminal. Do not hit enter the second time or go past that point and enable port 80 redirection otherwise httpd will fail to start.

Post Reply