Questions tagged [certbot]
The certbot tag has no usage guidance.
56
questions
1
vote
1
answer
31
views
Can’t renew LE certs behind haproxy after upgrade
My previous setup to maintain Let's Encrypt certificates, which worked, was:
WAN -> pfSense -> Ubuntu 18.04 -> haproxy -> certbot v0.27.0 (for renewal)
pfSense forwarded all TCP traffic on ...
- 455
0
votes
1
answer
25
views
I cannot change my Nginx configuration no matter what I try
I'm trying to create a subdomain for hosting files and no matter what I try, autoindex doesn't do anything. I can successfully redirect "public.example.com" to "example.com", but ...
- 347
0
votes
0
answers
14
views
Docker certbot trouble after relocating data-root
Because of my Docker images/containers filling up my root partition, I've been trying to move the data-root directory of my Docker installation to a different location (current: /usr/lib/docker; ...
- 103
1
vote
0
answers
203
views
SSL certificates not being generated with Certbot for Nginx when using Docker
If I understand this correctly what you are required to do is to have a web server being hosted at a specific domain and then execute the certbot command with specific arguments.
I have created a ...
- 11
1
vote
1
answer
147
views
What comes first - Certbot or nginx?
I am trying to set up nginx to act as a reverse proxy on a small personal server; however, I am encountering some circular logic when I ask certbot to generate SSL certificates.
From what I can tell, ...
- 21
1
vote
1
answer
3k
views
Connection refused when generating a Let's Encrypt certificate for a subdomain
I'm trying to add a subdomain to my Let's Encrypt certificate but it's giving Connection refused.
The command I ran was sudo certbot --expand -d sub.domain.com
Certbot failed to authenticate some ...
- 33
0
votes
1
answer
190
views
Certbot frequently/always fails in cron with a hostname mismatch
Update 2023-05-06: Yep. Looks like CentOS7's NetworkManager overwriting /etc/resolv.conf. Haven't had an issue since disabling it.
Update 2023-04-20: It looks like CentOS7's NetworkManager is the ...
- 332
0
votes
2
answers
3k
views
How do I auto-renew a manual Certbot cert?
I manually set up a Certbot cert on an EC2 instance so that I could set up a wildcard cert.
Specifically, I used the following command (with the real domain, not example.com) to set up the manual ...
- 125
0
votes
1
answer
520
views
Why is it better to configure ACME client to trust private CA root certificate than to add the certificate to the CA store?
I am creating a self-hosted CA for my internal home network as a hobby project and to learn something new. I'm using Smallstep's open-source step-ca and step CLI.
After creating the CA, the next step ...
- 115
2
votes
2
answers
15k
views
How to remove Certbot completely ubuntu 20.04
I ran this command sudo dpkg -l *certbot* and I got this certbot and the version number listed in the terminal:
Next I ran this 2 commands sudo apt-get remove certbot and sudo apt autoremove and I ...
- 121
1
vote
0
answers
3k
views
PHP webpage downloads instead of opens in browser (nginx, php on debian10 server)
I have a server running Debian 10. I have installed nginx (1.18.0) and php and php-fpm (7.4.28). Following this guide https://landchad.net/index I was able to get html website with certification by ...
- 111
1
vote
0
answers
1k
views
Certbot 1.12.0 - How to stop ISRG Root X1 from being signed by DST Root CA X3?
I have an NGINX reverse proxy (nginx/1.21.4 & Debian 11) using certbot (v1.12.0) to get Lets Encrypt certificates for my site. Since the expiry of the DST cert, I had intermittent issues with ...
user1239807
0
votes
1
answer
443
views
Why is Snappy hanging on any command?
Server is AlmaLinux 8.5 (converted from CentOS).
I had been doing some work to add a new web site which included the usual dnf update and also installing php81-php-fpm and some associated packages. ...
- 103
1
vote
1
answer
2k
views
How can I fix cron letsencrypt certbot renew on Ubuntu (SSL3_GET_SERVER_CERTIFICATE, certificate verify failed)?
I have an nginx webserver running with letsencrypt certificates, updated through certbot renew. All on Ubuntu 14.04. Since 1st Oct 2021 I keep getting emails from cron that the certificates could not ...
0
votes
2
answers
306
views
Is it possible to re-enter the process in Linux?
I ran the certbot program to give out a certificate for a domain. During domain verification when the program was running my ssh session with the server crashed. Logging back to the server I wanted to ...
- 101
0
votes
1
answer
51
views
Certbot won't generate ssl for my mail-prefixed domains
I recently developed my first full-stack website, and I attempted to get it out there with a vps. My problem is, I can't seem to generate an ssl certificate for one of my domains. The www.website_name....
- 11
0
votes
1
answer
42
views
Is there anything like certbot (auto-renewal) for paid SSL certs? [closed]
For maximumum compatibility, I want to use simple DV PositiveSSL certs, similar to what Let's Encrypt does.
But the biggest pain in the neck is that I can't find anything which renews automatically ...
- 363
0
votes
0
answers
256
views
Should I continue to use Let's Encrypt after September 2021?
I am very curious about what the community thinks. After Sept 2021, they will no longer be co-signed by DST Root CA X3, and basically any platform from 2016 or older will not validate their ...
- 363
10
votes
2
answers
23k
views
What is the purpose of chain.pem files?
A general question about chaim.pem files; I used a csr obtained from my host, and used the Certbot from LetsEncrypt to generate a https cert; I used the following command
$ certbot certonly --manual -...
- 471
0
votes
1
answer
1k
views
Certbot fails to start nginx
I am using kernel 3.10 on CentOS 7. I have successfully installed CertBot 1.10.1 using alternative installation instructions as certbot-auto. I have manually added certbot-auto to autorun via systemd ...
- 192
1
vote
1
answer
2k
views
How to remove deprecated certbot-auto, but keep certbot and existing configuration
Blindly following an installation tutorial, I ended up with both certbot-auto (git clone to /etc/letsencrypt) and the actual certbot tool. Now I would really like to clean-up my Ubuntu installation ...
- 11
6
votes
3
answers
13k
views
How do I renew ALL certificates with certbot?
I don't want to only renew the certificates which are going to expire soon. (Whatever soon means). I want to renew all of them to make sure they will be on the same timing in the future.
I cannot find ...
- 447
3
votes
1
answer
417
views
certbot-auto fails to install automatic renewal?
I am using kernel 3.10 on CentOS 7. I have successfully installed CertBot 1.10.1 using alternative installation instructions as certbot-auto. Running certbot-auto successfully generated certificates ...
- 192
0
votes
1
answer
408
views
Enable ssl on my apache webdav using letsencrypt and certbot
I have a raspberry pi and use apache and webdav to serve photos to family and friends. I think I have a very basic configuration. I have a file 000-default.conf and a second webdav.conf. In order to ...
- 101
-1
votes
1
answer
397
views
can't connect to server after installing let's encrypt on centos 8
I'm trying to install let's encrypt on my centos 8 apache server. I created domain-site.conf file in /etc/httpd/conf.d/ directory with the following content (domain name is replaced with test):
<...
1
vote
1
answer
3k
views
How to renew LetsEncrypt SSL wildcard?
I have to renew my SSL certificate, but I want to use a wildcard certificate instead of my current simple SSL using LetsEncrypt also. I usually use this command below, but it doesn't work to update my ...
1
vote
0
answers
332
views
Generating SSL cert using certbot - multiple DNS entries
I currently have 2 DNS A records for main domain pointing to the different IP addresses. This is creating problems when I try to use certbot to generate Let's Encrypt's SSL certificate for my domain, ...
- 111
0
votes
2
answers
2k
views
Why can’t certbot auto revew wildcard SSL certs without a DNS plugin?
When I run certbot review, I get the following error.
An authentication script must be provided with --manual-auth-hook when
using the manual plugin non-interactively.
According to the docs, to ...
- 1,010
0
votes
1
answer
4k
views
certbot (Let’s Encrypt) for local domain NXDOMAIN looking up A for **.domain
I am trying to use certbot (Let’s Encrypt) for a local domain.
In /etc/hosts I have this.
127.0.0.1 myapp.whitebear.com
But when I run certbot (Let’s Encrypt) shows this error.
How can I set ...
- 705
0
votes
0
answers
23
views
nginx and certbot fails
Im trying to setup two sites on my nginx server.
pma (phpmyadmin) works as it should.
myhome.domain.tld - dosnt work.
here is the nginx.conf file.
user www-data;
worker_processes auto;
pid /run/...
- 45