Hello guys,
I've been stuck for 2 days trying to get my certificate on my tomcat9 / debian 11. I tried the test on Let's Debug and it's OK.
My server.xml connector and host:
<Connector port="8080" protocol="HTTP/1.1"
           connectionTimeout="20000"
           redirectPort="8443" />
<!--<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           maxThreads="150" SSLEnabled="true">
</Connector>-->
<Host name="solutionazotee.fr" appBase="webapps/solutionazotee"
      unpackWARs="true" autoDeploy="true" deployOnStartup="true">
  <Alias>engraisfrance.fr</Alias>
  <Alias>www.solutionazotee.fr</Alias>
  <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
         prefix="solutionazotee_access_log" suffix=".txt"
         pattern="%h %l %u %t &quot;%r&quot; %s %b" />
</Host>
Runs with Java 17, group & user tomcat:tomcat in /etc/systemd/system/tomcat.service, group & user tomcat:tomcat on /opt/tomcat/
Ports 80/443 open with ufw
Rules added for port forwarding 80 to 8080 and 443 to 8443, as follows:
# Generated by iptables-save v1.8.7 on Mon Jan 3 13:12:08 2022
*nat
:PREROUTING ACCEPT [4005:155789]
:INPUT ACCEPT [2398:84444]
:OUTPUT ACCEPT [131:9671]
:POSTROUTING ACCEPT [135:9911]
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -i lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
I am using a VPS without firewall
Thanks for your help
My domain is: solutionazotee.fr
I ran this command: certbot certonly --standalone -d solutionazotee.fr
It produced this output:
Certbot failed to authenticate some domains (authenticator: standalone). The Certificate Authority reported these problems:
Domain: solutionazotee.fr
Type: connection
Detail: Fetching http://solutionazotee.fr/.well-known/acme-challenge/rWRawisDYPrR_EQKwJK6t0aPKO9W8otI0QvGZuK0TQo: Connection refused
My web server is (include version): tomcat 9
The operating system my web server runs on is (include version): debian 11
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): certbot 1.22.0
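
The NAT rules in the post above can be checked for first-match shadowing with a short script. This is an added example, not part of the original post; the rule lines are copied from the post's dump, and the parser assumes single-port `--dport` matches with `REDIRECT` targets only.

```python
import shlex
from collections import namedtuple

# REDIRECT rules copied from the iptables-save dump in the post.
NAT_DUMP = """\
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -i lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -o lo -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 8443
"""

Rule = namedtuple("Rule", "lineno chain iface dport to_port")

def parse_redirects(dump):
    """Parse '-A <chain> ... -j REDIRECT' lines (single-port --dport only)."""
    rules = []
    for lineno, line in enumerate(dump.splitlines(), 1):
        tok = shlex.split(line)
        if len(tok) < 2 or tok[0] != "-A" or "REDIRECT" not in tok:
            continue
        opt = {t: tok[i + 1] for i, t in enumerate(tok[:-1]) if t.startswith("-")}
        iface = opt.get("-i") or opt.get("-o")  # None = any interface
        rules.append(Rule(lineno, tok[1], iface, int(opt["--dport"]), int(opt["--to-ports"])))
    return rules

def analyse(rules):
    """Return (effective, shadowed); REDIRECT is terminating, so first match wins."""
    effective, shadowed = [], []
    for r in rules:
        # Hidden by an earlier, equally broad or broader rule on the same chain/port.
        winner = next((e for e in effective if e.chain == r.chain
                       and e.dport == r.dport and e.iface in (None, r.iface)), None)
        if winner:
            shadowed.append((r, winner))
        else:
            effective.append(r)
    return effective, shadowed

def conflicts(shadowed):
    """Shadowed rules that would have sent traffic to a different port."""
    return [(r, w) for r, w in shadowed if r.to_port != w.to_port]

if __name__ == "__main__":
    for r, w in conflicts(analyse(parse_redirects(NAT_DUMP))[1]):
        print(f"line {r.lineno}: {r.dport}->{r.to_port} never matches, line {w.lineno} wins")
```

On the rules from the post it reports that the 443 to 8443 redirects in both chains are never reached, because the earlier 443 to 8080 rules match first.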