ACME TLS-SNI-01 domain validation using Nextcloud Snap


I’ve got a domain issued through the Nextcloud snap.

The command I used to issue the certificate was
$ sudo nextcloud.enable-https lets-encrypt

I’ve not found a thread that matches my use. Can anyone advise me how to check what I need to do please.


Unfortunately, that is a very use specific script that is not common and hard to find clear detail on the contents of that script.

So, there is no way for anyone that is not familiar with that script to know enough to direct you in any specific direction.

That said, you should still be able to “test” it and see what if anything it complains about or maybe it completes without error…


How would I test it? The following page is the exhaustion of instructions.


I’m not familiar with that snap either, but it looks like it’s using certbot so you could try certbot renew --dry-run --preferred-challenges http-01 and see if it produces any errors.


I found a certbot executable in /snap/nextcloud/current/bin

So in the /snap/nextcloud/current/bin directory I tried
sudo sh certbot renew --dry-run --preferred-challenges http-01 certbot: line 4: import: command not found certbot: line 5: import: command not found from: can't read /var/mail/certbot.main certbot: line 10: syntax error near unexpected token `(' certbot: line 10: ` sys.argv[0] = re.sub(r'(-script\.pyw?|\.exe)?‘, ‘’, sys.argv[0])’

I’m not sure if that’s the error you’re looking for but it looks like a totally different error indeed.


Certbot is a python script, not a shell script. Try just running it as sudo certbot renew ...


Oh that’s easy: sudo: certbot: command not found


You might have to “connect to the box” first (sorry, just guessing here based on the instructions, as I said I’m not familiar with this snap)


I’m running it on a remote dedicated server rather than a home server bought in. It looks like those instructions are how to log in if you buy an off the shelf home server.


Okay it looks like directly running the certbot inside the snap from outside the snap is … not the intended method and in any case beyond my skills :frowning:

The nextcloud.enable-https command seems to support a -d option for a “Dry run” so that might be worth a try, I guess.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.