| View previous topic :: View next topic |
| Author |
Message |
NismoC32
Apprentice
Joined: 07 Apr 2003
Posts: 222
|
 Posted: Thu Aug 10, 2017 10:12 pm Post subject: [SOLVED] Let's Encrypt acme-challenge and apache2 |
 |
|
I was wondering if someone could help with getting
Let’s encrypt acme-callenge to work using apache2.
I have ben fiddling with this for a while and I seem to be stuck.
Here are my config files:
My Letsencrypt renewal file /etc/letsencrypt/renewal/mydom.com.conf
| Code: |
# renew_before_expiry = 30 days
cert = /etc/letsencrypt/live/mydom.com/cert.pem
privkey = /etc/letsencrypt/live/mydom.com/privkey.pem
chain = /etc/letsencrypt/live/mydom.com/chain.pem
fullchain = /etc/letsencrypt/live/mydom.com/fullchain.pem
version = 0.13.0
archive_dir = /etc/letsencrypt/archive/mydom.com
# Options and defaults used in the renewal process
[renewalparams]
installer = None
authenticator = webroot
account = «alot of numbers and characters»
[[webroot_map]]
mydom.com = /var/www/localhost |
Apache2 00_default_vhost.conf:
| Code: |
Listen 80
<VirtualHost *:80>
<------>ServerName www.mydom.com
<------>ServerAlias mydom.com
<------>
<------>Include /etc/apache2/vhosts.d/default_vhost.include
<------><IfModule mpm_peruser_module>
<------><------>ServerEnvironment apache apache
<------></IfModule>
# Lets encrypt cerbot renew:
Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/localhost/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>
</VirtualHost>
</IfDefine>
# vim: ts=4 filetype=apache |
and my apache2 default_vhost.include
| Code: | ServerAdmin admin@mydom.com
DocumentRoot "/var/www/localhost/htdocs/nextcloud"
<Directory "/var/www/localhost/htdocs/newxcloud">
<------>Options Indexes FollowSymLinks
<------>AllowOverride All
<------>Require all granted
</Directory>
<Directory "/var/www/localhost/cgi-bin">
<------>AllowOverride None
<------>Options None
<------>Require all granted
</Directory>
<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>
# vim: ts=4 filetype=apache |
When I try to run certbot renew I get this error:
| Code: | Domain: mydom.com
Type: unauthorized
Detail: Invalid response from
http://mydom.com/.well-known/acme-challenge/«alot of numbers and characters»:
"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Not Found</title>
</head><body>
<h1>Forbidden</h1>
<p" |
Any help would be greatly appreciated.
Let me know if more info is needed.
[Moderator edit: changed [quote] tags to [code] tags to preserve output layout. -Hu]
Last edited by NismoC32 on Fri Aug 11, 2017 1:49 am; edited 2 times in total |
|
| Back to top |
|
 |
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Thu Aug 10, 2017 10:47 pm Post subject: Re: Let's Encrypt acme-challenge and apache2 |
|
|
| NismoC32 wrote: | | Quote: | Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>
# vim: ts=4 filetype=apache |
|
First line there has an extraneous "s" and the second has a typo. |
|
| Back to top |
|
|
NismoC32
Apprentice
Joined: 07 Apr 2003
Posts: 222
|
| Posted: Thu Aug 10, 2017 10:57 pm Post subject: Re: Let's Encrypt acme-challenge and apache2 |
|
|
| Ant P. wrote: | | NismoC32 wrote: | | Quote: | Alias /.well-known/acme-challenge/ /var/www/localhost/.well-known/acme-challenges/
<Directory /var/www/locaholst/.well-known/acme-challenge/>
<------>AllowOverride none
<------>Require all granted
</Directory>
# vim: ts=4 filetype=apache |
|
First line there has an extraneous "s" and the second has a typo. |
Thanks noticed it too yust before you respond, and it fixed it !
Thanks 
A Little tip to others, remember to include the 'alias' module in make.conf for apache2  |
|
| Back to top |
|
|
|
Networking & Security
