MrChunky Posted January 12, 2018 Share Posted January 12, 2018 2 minutes ago, EdgarWallace said: Same here....everything was running fine until the todays container update: Apply the fix that Jasgud/ aptalca suggested above 13 hours ago, aptalca said: Just add a new environment variable in the gui where the key is HTTPVAL and the value is true similar to how there is already a variable for PUID and 99 Quote Link to comment
Zero Posted January 12, 2018 Share Posted January 12, 2018 5 minutes ago, MrChunky said: Apply the fix that Jasgud/ aptalca suggested above I just did that, but it's still giving errors Quote Link to comment
nikolsko Posted January 12, 2018 Share Posted January 12, 2018 I am having the same problem as well. I have the exact same problem with the HTTPVAL variable as well. However I do not see how the HTTPVAL should make a difference, since it seems optional. Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donations/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... 2048 bit DH parameters present SUBDOMAINS entered, processing Sub-domains processed are: -d ***** -d ****** E-mail address entered: ****** Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created usage: certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. certbot: error: argument --cert-path: No such file or directory Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. IMPORTANT NOTES: - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory [cont-init.d] 50-config: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. Quote Link to comment
MrChunky Posted January 12, 2018 Share Posted January 12, 2018 3 minutes ago, Zero said: I just did that, but it's still giving errors Strange that we are all getting different errors. I have "Connection refused". you have something else. A third guy is get "unauthorized". I was getting your error until I changed the HTTPVAL value, now I get connection refused. Quote Link to comment
EdgarWallace Posted January 12, 2018 Share Posted January 12, 2018 (edited) I applied the fix...still not working: ------------------------------------- _ _ _ | |___| (_) ___ | / __| | |/ _ \ | \__ \ | | (_) | |_|___/ |_|\___/ |_| Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donations/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... 4096 bit DH parameters present No subdomains defined E-mail address entered: [email protected] Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created usage: certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. certbot: error: argument --cert-path: No such file or directory Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for xxxxxxxx.xxxxxx.org Waiting for verification... Cleaning up challenges Failed authorization procedure. xxxxxxxx.xxxxxx.org (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://xxxxxxxx.xxxxxx.org/.well-known/acme-challenge/igQwFM5uEZH-G1E1iS-R0v-GlcC3-xv-g9F1n-9r51g: Timeout IMPORTANT NOTES: - The following errors were reported by the server: Domain: xxxxxxxx.xxxxxx.org Type: connection Detail: Fetching http://xxxxxxxx.xxxxxx.org/.well-known/acme-challenge/igQwFM5uEZH-G1E1iS-R0v-GlcC3-xv-g9F1n-9r51g: Timeout To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory [cont-init.d] 50-config: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. Edited January 12, 2018 by EdgarWallace Quote Link to comment
MrChunky Posted January 12, 2018 Share Posted January 12, 2018 2 minutes ago, EdgarWallace said: I applied the fix...still not working: Now you have the same error as me:) Welcome to the club. Quote Link to comment
surfshack66 Posted January 12, 2018 Share Posted January 12, 2018 My ISP blocks port 80, so changing that value won't work in my situation. Subscribed to the thread..hopefully a fix is found soon. Quote Link to comment
kreene1987 Posted January 12, 2018 Share Posted January 12, 2018 (edited) I hope someone sees this soon as I basically live out of nextcloud (calendar, documents, etc.) and this has brought this to a screeching halt without VPN'ing into my network! Is there a way to roll back to a previous revision? Edited January 12, 2018 by kreene1987 Quote Link to comment
jasgud Posted January 12, 2018 Share Posted January 12, 2018 2 hours ago, Zero said: I just did that, but it's still giving errors If your getting the line below then the code wasn't applied correctly. Try putting it in quotes like "HTTPVAL" and "true". I did apply mine through extra parameters and it worked just fine, didn't even think about adding custom variables. Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. Quote Link to comment
jasgud Posted January 12, 2018 Share Posted January 12, 2018 2 hours ago, EdgarWallace said: I applied the fix...still not working: ------------------------------------- _ _ _ | |___| (_) ___ | / __| | |/ _ \ | \__ \ | | (_) | |_|___/ |_|\___/ |_| Brought to you by linuxserver.io We gratefully accept donations at: https://www.linuxserver.io/donations/ ------------------------------------- GID/UID ------------------------------------- User uid: 99 User gid: 100 ------------------------------------- [cont-init.d] 10-adduser: exited 0. [cont-init.d] 20-config: executing... [cont-init.d] 20-config: exited 0. [cont-init.d] 30-keygen: executing... using keys found in /config/keys [cont-init.d] 30-keygen: exited 0. [cont-init.d] 50-config: executing... 4096 bit DH parameters present No subdomains defined E-mail address entered: [email protected] Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be created usage: certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ... Certbot can obtain and install HTTPS/TLS/SSL certificates. By default, it will attempt to use a webserver both for obtaining and installing the certificate. certbot: error: argument --cert-path: No such file or directory Generating new certificate Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator standalone, Installer None Obtaining a new certificate Performing the following challenges: http-01 challenge for xxxxxxxx.xxxxxx.org Waiting for verification... Cleaning up challenges Failed authorization procedure. xxxxxxxx.xxxxxx.org (http-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Fetching http://xxxxxxxx.xxxxxx.org/.well-known/acme-challenge/igQwFM5uEZH-G1E1iS-R0v-GlcC3-xv-g9F1n-9r51g: Timeout IMPORTANT NOTES: - The following errors were reported by the server: Domain: xxxxxxxx.xxxxxx.org Type: connection Detail: Fetching http://xxxxxxxx.xxxxxx.org/.well-known/acme-challenge/igQwFM5uEZH-G1E1iS-R0v-GlcC3-xv-g9F1n-9r51g: Timeout To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. Additionally, please check that your computer has a publicly routable IP address and that no firewalls are preventing the server from communicating with the client. If you're using the webroot plugin, you should also verify that you are serving files from the webroot path you provided. - Your account credentials have been saved in your Certbot configuration directory at /etc/letsencrypt. You should make a secure backup of this folder now. This configuration directory will also contain certificates and private keys obtained by Certbot so making regular backups of this folder is ideal. /var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory [cont-init.d] 50-config: exited 1. [cont-finish.d] executing container finish scripts... [cont-finish.d] done. [s6-finish] syncing disks. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the TERM signal. [s6-finish] sending all processes the KILL signal and exiting. You're having some kind of access error to the http session from external servers. You need to forward on your router publicip(publicdomain):80 - unraid:85 so they can test that you own http as well as https. Quote Link to comment
jasgud Posted January 12, 2018 Share Posted January 12, 2018 2 hours ago, MrChunky said: Now you have the same error as me:) Welcome to the club. applying this "fix" forces us to port forward http (tcp 80) through our router to access the nginx service so it can be evaluated by letsencrypt. Make sure you have http and https available externally. 1 Quote Link to comment
sgt_spike Posted January 12, 2018 Share Posted January 12, 2018 letsencrypt fails to start after recent update. Not sure what has changed. [cont-init.d] 20-config: exited 0.[cont-init.d] 30-keygen: executing...using keys found in /config/keys[cont-init.d] 30-keygen: exited 0.[cont-init.d] 50-config: executing...2048 bit DH parameters presentSUBDOMAINS entered, processingOnly subdomains, no URL in certSub-domains processed are: -d bacnet.bacnet.duckdns.org -d btchriss.bacnet.duckdns.orgE-mail address entered: [email protected]Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be createdusage:certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,it will attempt to use a webserver both for obtaining and installing thecertificate.certbot: error: argument --cert-path: No such file or directoryGenerating new certificateSaving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator standalone, Installer NoneObtaining a new certificatePerforming the following challenges:Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.IMPORTANT NOTES:- Your account credentials have been saved in your Certbotconfiguration directory at /etc/letsencrypt. You should make asecure backup of this folder now. This configuration directory willalso contain certificates and private keys obtained by Certbot somaking regular backups of this folder is ideal./var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory[cont-init.d] 50-config: exited 1.[cont-finish.d] executing container finish scripts...[cont-finish.d] done.[s6-finish] syncing disks.[s6-finish] sending all processes the TERM signal.[s6-finish] sending all processes the KILL signal and exiting. Quote Link to comment
Greygoose Posted January 12, 2018 Share Posted January 12, 2018 just installed letsencrypt after 1 week to try again -------------------------------------_ _ _| |___| (_) ___| / __| | |/ _ \| \__ \ | | (_) ||_|___/ |_|\___/|_|Brought to you by linuxserver.ioWe gratefully accept donations at:https://www.linuxserver.io/donations/-------------------------------------GID/UID-------------------------------------User uid: 99User gid: 100-------------------------------------[cont-init.d] 10-adduser: exited 0.[cont-init.d] 20-config: executing...[cont-init.d] 20-config: exited 0.[cont-init.d] 30-keygen: executing...using keys found in /config/keys[cont-init.d] 30-keygen: exited 0.[cont-init.d] 50-config: executing...2048 bit DH parameters presentSUBDOMAINS entered, processingSub-domains processed are: -d www.website.com -d nextcloud.website.comE-mail address entered: [email protected]Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be createdusage:certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,it will attempt to use a webserver both for obtaining and installing thecertificate.certbot: error: argument --cert-path: No such file or directoryGenerating new certificateSaving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator standalone, Installer NoneObtaining a new certificatePerforming the following challenges:Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.IMPORTANT NOTES:- Your account credentials have been saved in your Certbotconfiguration directory at /etc/letsencrypt. You should make asecure backup of this folder now. This configuration directory willalso contain certificates and private keys obtained by Certbot somaking regular backups of this folder is ideal./var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory[cont-init.d] 50-config: exited 1.[cont-finish.d] executing container finish scripts...[cont-finish.d] done.[s6-finish] syncing disks.[s6-finish] sending all processes the TERM signal.[s6-finish] sending all processes the KILL signal and exiting. Quote Link to comment
sgt_spike Posted January 12, 2018 Share Posted January 12, 2018 2 minutes ago, Greygoose said: just installed letsencrypt after 1 week to try again -------------------------------------_ _ _| |___| (_) ___| / __| | |/ _ \| \__ \ | | (_) ||_|___/ |_|\___/|_|Brought to you by linuxserver.ioWe gratefully accept donations at:https://www.linuxserver.io/donations/-------------------------------------GID/UID-------------------------------------User uid: 99User gid: 100-------------------------------------[cont-init.d] 10-adduser: exited 0.[cont-init.d] 20-config: executing...[cont-init.d] 20-config: exited 0.[cont-init.d] 30-keygen: executing...using keys found in /config/keys[cont-init.d] 30-keygen: exited 0.[cont-init.d] 50-config: executing...2048 bit DH parameters presentSUBDOMAINS entered, processingSub-domains processed are: -d www.website.com -d nextcloud.website.comE-mail address entered: [email protected]Different sub/domains entered than what was used before. Revoking and deleting existing certificate, and an updated one will be createdusage:certbot [SUBCOMMAND] [options] [-d DOMAIN] [-d DOMAIN] ...Certbot can obtain and install HTTPS/TLS/SSL certificates. By default,it will attempt to use a webserver both for obtaining and installing thecertificate.certbot: error: argument --cert-path: No such file or directoryGenerating new certificateSaving debug log to /var/log/letsencrypt/letsencrypt.logPlugins selected: Authenticator standalone, Installer NoneObtaining a new certificatePerforming the following challenges:Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA.IMPORTANT NOTES:- Your account credentials have been saved in your Certbotconfiguration directory at /etc/letsencrypt. You should make asecure backup of this folder now. This configuration directory willalso contain certificates and private keys obtained by Certbot somaking regular backups of this folder is ideal./var/run/s6/etc/cont-init.d/50-config: line 134: cd: /config/keys/letsencrypt: No such file or directory[cont-init.d] 50-config: exited 1.[cont-finish.d] executing container finish scripts...[cont-finish.d] done.[s6-finish] syncing disks.[s6-finish] sending all processes the TERM signal.[s6-finish] sending all processes the KILL signal and exiting. Looks like we are having the same issue. Quote Link to comment
EdgarWallace Posted January 12, 2018 Share Posted January 12, 2018 (edited) 1 hour ago, jasgud said: applying this "fix" forces us to port forward http (tcp 80) through our router to access the nginx service so it can be evaluated by letsencrypt. Make sure you have http and https available externally. The was doing the trick: port forward http (tcp 80 -->> 85) as well as https (tcp 443 -->> 443) is required. Thanks a lot. Edited January 12, 2018 by EdgarWallace Quote Link to comment
Londinium Posted January 12, 2018 Share Posted January 12, 2018 8 minutes ago, EdgarWallace said: The was doing the trick: port forward http (tcp 80 -->> 85) as well as https (tcp 443 -->> 443) is required. Thanks a lot. Same here, solved by forwarding port 80 to 81 on my router (check the http port in Letsencrypt docker configuration). The 401 unauthorized I was getting previously was probably coming from unRAID web UI Thanks! Quote Link to comment
Dhagon Posted January 12, 2018 Share Posted January 12, 2018 Hey guys, I've got a problem that I've somewhat narrowed down to being either reverse-proxy related and/or caused by my PC, but I got stuck, so now I'm hoping some of you may know what's wrong. I'm sure that there's some really simple solution that I'm just not seeing, but here goes; I have a basic Unraid server running lets-encrypt, duckdns and a few others, with Nextcloud and Ombi setup on reverse-proxy. Everything has been working flawlessly so far, for almost a year, then suddenly a few days ago, I could no longer connect to Nextcloud or Ombi. I'm able to ping the server by IP and name "myserver.duckdns.org", but I get timeouts when trying to access Nextcloud both via the desktop app and web interface by url myserver.duckdns.org/nextcloud. At first I started looking through settings on the server and router, but then I got a friend of mine to test on his end, and he had no issues accessing either of them. Also found out that I had no issues on my phone connected to the home WiFi.. So my PC is basically the only device unable to connect? I hadn't made any changes on my PC or the server, so this is really confusing. Also, on top of that, I just had the same problem occur as many of you got after the update, but after applying the fix, Ombi became completely inaccessible, this time also for everyone else. Anyone know what could be wrong? Let me know if you need any logs or screenshots. Quote Link to comment
jasgud Posted January 12, 2018 Share Posted January 12, 2018 5 hours ago, MrChunky said: I have what seems like the same problem, so I applied the suggested fix. FYI the required variable is set to false by default in the docker config already. There is no need to add a new variable, just change the existing one. But, I am getting connection refused on port 80. Should I change something in the nginx config as well? Domain: www.xxx.com Type: connection Detail: Fetching http://www.xxx.com/.well-known/acme-challenge/xxx: Connection refused Here is my current nginx config... port 80 listening seems to be enabled as per instructions. server { listen 80; server_name www.xxx.com; return 301 https://$host$request_uri; } server { listen 443 ssl default_server; root /config/www; index index.html index.htm index.php; server_name www.xxx.com; Edit: I have figured out that the problem started after the last update of letsencrypt docker. Still don't know how to fix it. I'm thinking comment out your 301 to https and allow the validator to hit http. Quote Link to comment
Quiks Posted January 12, 2018 Share Posted January 12, 2018 (edited) Like others I'm also getting the challenge error as well as the no such file or directory problem firstly, it's complaining about /config/keys/letsencrypt. This is a symlink that goes to /etc/letsencrypt/live/domain.com I can't verify if this is correctly linked inside the container because the container immediately stops once started, no time to docker exec in and see what's wrong. Has anyone come to a conclusion on what's going on this this file error? I haven't tried the HTTPVAL fix yet as I'm dealing with the directory problem first. I also would prefer to not have to forward port 80. Edited January 12, 2018 by Quiks Quote Link to comment
jasgud Posted January 12, 2018 Share Posted January 12, 2018 2 minutes ago, Quiks said: Like others I'm also getting the challenge error as well as the no such file or directory problem firstly, it's complaining about /config/keys/letsencrypt. This is a symlink that goes to /etc/letsencrypt/live/domain.com I can't verify if this is correctly linked inside the container because the container immediately stops once started, no time to docker exec in and see what's wrong. Has anyone come to a conclusion on what's going on this this file error? I haven't tried the HTTPVAL fix yet as I'm dealing with the directory problem first. I also would prefer to not have to forward port 80. this looks like exactly what happened to me. httpval fixes it all. 1 Quote Link to comment
Quiks Posted January 12, 2018 Share Posted January 12, 2018 (edited) 6 minutes ago, jasgud said: this looks like exactly what happened to me. httpval fixes it all. Just tried HTTPVAL = true, forwarded port 80 to my exposed http port 90 > 80 and it did the trick. Hopefully they fix this so i can close back up port 80. edit: for anyone else that needs to know where to edit this, it's under advanced settings Edited January 12, 2018 by Quiks 1 Quote Link to comment
BrandonG777 Posted January 12, 2018 Share Posted January 12, 2018 (edited) I just got banned for a week for excessive registration attempts trying to resolve this. From my understanding you get 5 an hour. My ISP blocks port 80 so the HTTPVAL=true solution doesn't work for me. EDIT: Rebooted my router and pulled another IP from my ISP to get around the rate limit. Edited January 12, 2018 by BrandonG777 Quote Link to comment
kreene1987 Posted January 12, 2018 Share Posted January 12, 2018 Phew this one is throwing me for a loop. I port forwarded my IP 80 --> 81 and now I can VPN in and get to all of my internal links and everything is working great, but the Unraid GUI connection is refused. Any reason the 2 would be related? Quote Link to comment
ffhelllskjdje Posted January 12, 2018 Share Posted January 12, 2018 (edited) 4 minutes ago, kreene1987 said: Phew this one is throwing me for a loop. I port forwarded my IP 80 --> 81 and now I can VPN in and get to all of my internal links and everything is working great, but the Unraid GUI connection is refused. Any reason the 2 would be related? same thing happening to me, letsencrypt seems to be working but my nextcloud is not working at all anymore and I'm not sure why. Both http and https are open and forwarded to letsencrypt I'm getting a 502 bad gateway error now whereas before it was working flawlessly Edited January 12, 2018 by ffhelllskjdje Quote Link to comment
Quiks Posted January 12, 2018 Share Posted January 12, 2018 4 minutes ago, ffhelllskjdje said: same thing happening to me, letsencrypt seems to be working but my nextcloud is not working at all anymore and I'm not sure why. Both http and https are open and forwarded to letsencrypt Are you accessing it the same way? What do you see instead of your nextcloud page? My only issue was getting my certificate pushed. After that, everything worked per normal. you should be able to go to your public ipaddress:port instead of the domain and have it work as well (albeit without the pretty "secure" icon) assuming you have this allowed in your conf. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.