Letsencrypt not installing/renewing on EFA 3.0.2.6
Letsencrypt not installing/renewing on EFA 3.0.2.6
Hi to all,
I searched and found some similarities but no actual solution or problem like this.
I have a EFA that has a letsencrypt 'manual' installation, and I wanted to change it to the automated one from the menu.
So this morning I tried to renew my cert from my EFA, but I cannot it keeps telling me that there is no Virtual Server running on port 80.
Despite some efforts, even activated the Virtualhost on port 80, nothing seems to work.
When I try to install/renew, it does an update of the Python to 3.4 version (?). Found somewhere that this can be a problem to certbot ??? But no solution found, or I didn't apply it to this system, since it has an automated procedure, and I want not to change it.
I'm not doing it again since I restored a snapshot and copied back the settings back to the production server since there were some emails that already entered and I want to keep it on history.
So, EFA is running with the 'old' cert, and I have 15 days to solve this issue until it expires.
Its not a FW problem, neither a NAT.
I tried the manual and automated ways, all failed with the same issue.
Looking for some help from you guys.
Stay sharp and well.
JG
I searched and found some similarities but no actual solution or problem like this.
I have a EFA that has a letsencrypt 'manual' installation, and I wanted to change it to the automated one from the menu.
So this morning I tried to renew my cert from my EFA, but I cannot it keeps telling me that there is no Virtual Server running on port 80.
Despite some efforts, even activated the Virtualhost on port 80, nothing seems to work.
When I try to install/renew, it does an update of the Python to 3.4 version (?). Found somewhere that this can be a problem to certbot ??? But no solution found, or I didn't apply it to this system, since it has an automated procedure, and I want not to change it.
I'm not doing it again since I restored a snapshot and copied back the settings back to the production server since there were some emails that already entered and I want to keep it on history.
So, EFA is running with the 'old' cert, and I have 15 days to solve this issue until it expires.
Its not a FW problem, neither a NAT.
I tried the manual and automated ways, all failed with the same issue.
Looking for some help from you guys.
Stay sharp and well.
JG
-
- Posts: 16
- Joined: 30 Jun 2016 00:32
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
Same problem here, any solution ?
-
- Posts: 16
- Joined: 30 Jun 2016 00:32
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
I ended up adding a virtual host at the end of the httpd.conf - uncommented the last block and updated the details with my own.
Worked like a charm.
Worked like a charm.
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
Hi,
Do you have port 80/443 nat to your EFA ?
Do you have port 80/443 nat to your EFA ?
Version eFa 4.0.0 RC1 now available in testing repo. Come join us in advancing eFa!
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
I just had this problem too; my let's encrypt (letsencrypt) was not renewing the cert. I'm sure this is because I have the force ssl redirect enabled. So, I managed to fix it by the following:
edit the file /etc/httpd/conf.d/redirectssl.conf
and change it to this:
Notice that I also commented out the RewriteCond to check for HTTPS is not on. This will still redirect all HTTP requests, just not the ones for letsencrypt.
edit the file /etc/httpd/conf.d/redirectssl.conf
and change it to this:
Code: Select all
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
- shawniverson
- Posts: 3650
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
Hi Guys,
after adding this line
RewriteEngine On
[*]RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Whcih command we have to run to renew the SSL or it will do it automatically ?
after adding this line
RewriteEngine On
[*]RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
Whcih command we have to run to renew the SSL or it will do it automatically ?
Version eFa 4.0.0 RC1 now available in testing repo. Come join us in advancing eFa!
-
- Posts: 14
- Joined: 11 Apr 2016 18:32
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
I had this same problem and the solutions listed in here didn't work for me. Not even webmin would load. This was my solution to get everything working again. Just passing the info along in case it can help someone else.
////////////////////////////////////////////////////
Disable Lets Encrypt
Disable HTTPS Configure under EFA Menu 11 (Apache Settings)
sudo nano /etc/httpd/conf.d/redirectssl.conf
Paste the following and write out:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
sudo nano /etc/httpd/conf/httpd.conf
Remove the line near the end: Listen 443
sudo nano /etc/httpd/conf.d/ssl.conf
remove the Include lets encrypt line at the end
sudo service httpd restart
Verify that /etc/httpd/conf.d/redirectssl.conf still contains the info above
Run EFA Menu 16 Lets Encrypt
This should now complete successfully
Run EFA Menu 11 Apache Settings and Configure HTTPS
Enable port 443 by typing "Y" and hit Enter... however do nothing after this and close the terminal. Do not hit enter the second time or go past that point and enable port 80 redirection otherwise httpd will fail to start.
////////////////////////////////////////////////////
Disable Lets Encrypt
Disable HTTPS Configure under EFA Menu 11 (Apache Settings)
sudo nano /etc/httpd/conf.d/redirectssl.conf
Paste the following and write out:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
sudo nano /etc/httpd/conf/httpd.conf
Remove the line near the end: Listen 443
sudo nano /etc/httpd/conf.d/ssl.conf
remove the Include lets encrypt line at the end
sudo service httpd restart
Verify that /etc/httpd/conf.d/redirectssl.conf still contains the info above
Run EFA Menu 16 Lets Encrypt
This should now complete successfully
Run EFA Menu 11 Apache Settings and Configure HTTPS
Enable port 443 by typing "Y" and hit Enter... however do nothing after this and close the terminal. Do not hit enter the second time or go past that point and enable port 80 redirection otherwise httpd will fail to start.
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
This worked for me. Thanks! Great instructions.
northwindit wrote: ↑04 Sep 2018 15:16 I had this same problem and the solutions listed in here didn't work for me. Not even webmin would load. This was my solution to get everything working again. Just passing the info along in case it can help someone else.
////////////////////////////////////////////////////
Disable Lets Encrypt
Disable HTTPS Configure under EFA Menu 11 (Apache Settings)
sudo nano /etc/httpd/conf.d/redirectssl.conf
Paste the following and write out:
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} !^/\.well\-known/acme\-challenge/
#RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
sudo nano /etc/httpd/conf/httpd.conf
Remove the line near the end: Listen 443
sudo nano /etc/httpd/conf.d/ssl.conf
remove the Include lets encrypt line at the end
sudo service httpd restart
Verify that /etc/httpd/conf.d/redirectssl.conf still contains the info above
Run EFA Menu 16 Lets Encrypt
This should now complete successfully
Run EFA Menu 11 Apache Settings and Configure HTTPS
Enable port 443 by typing "Y" and hit Enter... however do nothing after this and close the terminal. Do not hit enter the second time or go past that point and enable port 80 redirection otherwise httpd will fail to start.
Re: Letsencrypt not installing/renewing on EFA 3.0.2.6
This worked well in EFA 4.0. With letsencrypt, it is critical to have port 80 passing through into the server being configured. It is also critical to the eventual renewal request.
One question, at the very end of the configuration from the EFA menu, it asks if you want to apply to Postfix. Is that necesary, desired, ?? What is required here? Say yes to applying it to postfix or no?
One question, at the very end of the configuration from the EFA menu, it asks if you want to apply to Postfix. Is that necesary, desired, ?? What is required here? Say yes to applying it to postfix or no?