Hi,
I cannot set up the SSL certificate using Letsencrypt. Here are the steps that I have done.
Install Letsencrypt on the fresh installation of Ubuntu Server 16.04.
- sudo apt-get update
- sudo apt-get install python-letsencrypt-apache
Configure SSH on this Ubuntu Server.
3. ssh myroot@my_server_ip
4. sudo adduser second
5. sudo usermod -aG sudo second
6. ssh-keygen
7. ssh-copy-id second@my_server_ip
8. exit
Disable Password Authentication
9. gksu leafpad /etc/ssh/sshd_config
10. Change the lines in sshd_config to below and save.
PasswordAuthentication no
PubkeyAuthentication yes
ChallengeResponseAuthentication no
11. sudo systemctl reload sshd
Test SSH with the new username 'second'.
9. ssh second@my_server_ip
10. As you can see below, SSH no longer requires the password.
Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-57-generic x86_64)
- Documentation: https://help.ubuntu.com
- Management: https://landscape.canonical.com
- Support: Ubuntu Pro | Ubuntu
0 packages can be updated.
0 updates are security updates.
It also uses 'the Public Key' for authentication.
Set Up a Basic Firewall
11. sudo ufw allow OpenSSH
12. sudo ufw status
Status: active
To                         Action      From
8080                       ALLOW       Anywhere
Apache Full                ALLOW       Anywhere
OpenSSH                    ALLOW       Anywhere
8080 (v6)                  ALLOW       Anywhere (v6)
Apache Full (v6)           ALLOW       Anywhere (v6)
OpenSSH (v6)               ALLOW       Anywhere (v6)
Set Up the SSL Certificate through Letsencrypt
13. $ sudo letsencrypt --apache -d zethanath.tk -d site1.zethanath.tk
Failed authorization procedure. zethanath.tk (tls-sni-01): urn:acme:error:connection :: The server could not connect to the client to verify the domain :: Failed to connect to 69.197.18.189:443 for TLS-SNI-01 challenge, site1.zethanath.tk (tls-sni-01): urn:acme:error:unknownHost :: The server could not resolve a domain name :: No valid IP addresses found for site1.zethanath.tk
IMPORTANT NOTES:
- The following errors were reported by the server:
Domain: site1.zethanath.tk
Type: unknownHost
Detail: No valid IP addresses found for site1.zethanath.tk
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address.
- The following errors were reported by the server:
Domain: zethanath.tk
Type: connection
Detail: Failed to connect to 69.197.18.189:443 for TLS-SNI-01
challenge
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A record(s) for that domain
contain(s) the right IP address. Additionally, please check that
your computer has a publicly routable IP address and that no
firewalls are preventing the server from communicating with the
client. If you're using the webroot plugin, you should also verify
that you are serving files from the webroot path you provided.
However, I believe my server is up and running.
14. ping site1.zethanath.tk
PING site1.zethanath.tk (192.168.1.148) 56(84) bytes of data.
64 bytes from ubuntu (192.168.1.148): icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=2 ttl=64 time=0.058 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=3 ttl=64 time=0.054 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=4 ttl=64 time=0.061 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=5 ttl=64 time=0.055 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=6 ttl=64 time=0.055 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=7 ttl=64 time=0.041 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=8 ttl=64 time=0.081 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=9 ttl=64 time=0.084 ms
64 bytes from ubuntu (192.168.1.148): icmp_seq=10 ttl=64 time=0.059 ms
^Z
[3]+ Stopped ping site1.zethanath.tk
Here is my information.
Free domain name: https://my.freenom.com
Free DNS and subdomain: freedns.afraid.org
Server: Ubuntu Server 16.04
Please let me know if you would like me to give you the content of sshd_config (Step 10 above).
Thank you so much.
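Added example, not part of the original post: a pre-flight check for the two error types in the output above (unknownHost and connection), which describe what the CA's validation server sees from the internet rather than what a local ping sees. It flags addresses that are not publicly routable and probes port 443 on the rest; the function names `resolve`, `port_open` and `assess` are hypothetical.

```python
import ipaddress
import socket


def resolve(name):
    """Addresses the local resolver returns for name (this includes
    /etc/hosts entries, which the CA's validation server never sees)."""
    try:
        infos = socket.getaddrinfo(name, 443, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def port_open(addr, port=443, timeout=5.0):
    """True if a TCP connection to addr:port succeeds within timeout."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False


def assess(name, addrs, probe=port_open):
    """Return the problems that would stop an external validator."""
    if not addrs:
        # Corresponds to the "unknownHost" error type in the post.
        return [f"{name}: no address records found"]
    problems = []
    for addr in addrs:
        if not ipaddress.ip_address(addr).is_global:
            # Private ranges such as 192.168.0.0/16 only work inside the LAN.
            problems.append(f"{name}: {addr} is not publicly routable")
        elif not probe(addr):
            # Corresponds to the "connection" error type in the post.
            problems.append(
                f"{name}: {addr} does not accept connections on port 443")
    return problems


if __name__ == "__main__":
    import sys
    # Usage: python3 preflight.py zethanath.tk site1.zethanath.tk
    for name in sys.argv[1:]:
        for line in assess(name, resolve(name)) or [f"{name}: ok"]:
            print(line)
```

Run it from a machine outside the server's own network, so that both name resolution and the port 443 probe follow the same path the validation server would use.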