I am new to letsencrypt, so please excuse I am asking a question multiple times answered on the forum already, but I did not find anything helpful.
I have a Qnap nas and running its implemented webserver. Cause I would like to install DAViCal on virtual machine on the NAS, I need Pound to forward the requests on similar ports depending on the subdomain.
Hence, I installed Pound and Certbot in an lxc-container according to this page: https://antrecu.com/blog/configure-lets-encrypt-service-pound-server
So far so good. Certbot worked fine in the beginning, I have been able to create a certificate for my domain reichmuthph.ch and one subdomain, cal.reichmuthph.ch. but I tried to do it for another subdomain, nothing works any more, neither for any subdomain nor for the domain itself any more. The output I got you can find below.
Question:
- is the number of subdomains to create certificates for limited in letsencrypt?
- is it possible to generate multiple certificates for one the same domain on the same machine (it is not very reasonable, but a good indication to isolate the error)?
- and most important: how can I fix this?
Thanks
Philipp
Please fill out the fields below so we can help you better.
My domain is: reichmuthph.ch
I ran this command: /opt/certbot/letsencrypt-auto --text --email admin@reichmuthph.ch -d photo.reichmuthph.ch --agree-tos --standalone certonly
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
An unexpected error occurred:
ReadTimeout: HTTPSConnectionPool(host=‘acme-v01.api.letsencrypt.org’, port=443): Read timed out. (read timeout=45)
Please see the logfiles in /var/log/letsencrypt for more details.
/var/logs/letsencrypt/letsencrypte.log:
2017-07-17 21:29:23,293:DEBUG:certbot.main:certbot version: 0.16.0
2017-07-17 21:29:23,295:DEBUG:certbot.main:Arguments: [’–text’, ‘–email’, ‘admin@reichmuthph.ch’, ‘-d’, ‘photo.reichmuthph.ch’, ‘–agree-tos’, ‘–standalone’]
2017-07-17 21:29:23,295:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2017-07-17 21:29:23,497:DEBUG:certbot.log:Root logging level set at 20
2017-07-17 21:29:23,498:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2017-07-17 21:29:23,575:DEBUG:certbot.plugins.selection:Requested authenticator standalone and installer None
2017-07-17 21:29:24,292:DEBUG:certbot.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: IAuthenticator, IPlugin
Entry point: standalone = certbot.plugins.standalone:Authenticator
Initialized: <certbot.plugins.standalone.Authenticator object at 0x7f5b85e01910>
Prep: True
2017-07-17 21:29:24,294:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.standalone.Authenticator object at 0x7f5b85e01910> and installer None
2017-07-17 21:29:24,378:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, contact=(u’mailto:admin@reichmuthph.ch’,), agreement=u’https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf’, key=JWKRSA(key=<ComparableRSAKey(<cryptography.hazmat.backends.openssl.rsa._RSAPublicKey object at 0x7f5b846dd690>)>)), uri=u’https://acme-v01.api.letsencrypt.org/acme/reg/18877528’, new_authzr_uri=u’https://acme-v01.api.letsencrypt.org/acme/new-authz’, terms_of_service=u’https://letsencrypt.org/documents/LE-SA-v1.1.1-August-1-2016.pdf’), 17b0d9bda8726f28e8ba4807d444b643, Meta(creation_host=u’Pound-Proxy.fritz.box’, creation_dt=datetime.datetime(2017, 7, 17, 20, 2, 20, tzinfo=)))>
2017-07-17 21:29:24,381:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory.
2017-07-17 21:29:24,391:DEBUG:requests.packages.urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org
2017-07-17 21:30:09,616:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
File “/root/.local/share/letsencrypt/bin/letsencrypt”, line 11, in
sys.exit(main())
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 743, in main
return config.func(config, plugins)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 667, in certonly
le_client = _init_le_client(config, auth, installer)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py”, line 390, in _init_le_client
return client.Client(config, acc, authenticator, installer, acme=acme)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 234, in init
acme = acme_from_config_key(config, self.account.key)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/client.py”, line 45, in acme_from_config_key
return acme_client.Client(config.server, key=key, net=net)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 71, in init
self.net.get(directory).json())
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 654, in get
self._send_request(‘GET’, url, **kwargs), content_type=content_type)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/client.py”, line 627, in _send_request
response = self.session.request(method, url, *args, **kwargs)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/requests/sessions.py”, line 488, in request
resp = self.send(prep, **send_kwargs)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/requests/sessions.py”, line 609, in send
r = adapter.send(request, **kwargs)
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/requests/adapters.py”, line 499, in send
raise ReadTimeout(e, request=request)
ReadTimeout: HTTPSConnectionPool(host=‘acme-v01.api.letsencrypt.org’, port=443): Read timed out. (read timeout=45)
My web server is (include version): none up to now for these certificates, want to use them on Pound.
The operating system my web server runs on is (include version): Debian 8 Jessie, lxc-container on Qnap NAS
My hosting provider, if applicable, is: none
I can login to a root shell on my machine (yes or no, or I don’t know): yes
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): ???