Enable https on nginx webserver using letsencrypt application


#1

Hi,

I am running nginx webserver and i am enabling DV SSL letsencrypt certs to nginx webserver
is it ./letsencrypt-auto certonly --nginx -d example.com -d gitlab.example.com?

Best Regards,

Kaushal


#2

You should use certbot-auto instead of letsencrypt-auto. Also, you can remove the “certonly” part.


#3

Hi Jacob,

I am facing the below issue.

> [root@ip-172-31-22-159 letsencrypt]# ./certbot-auto certonly --standalone -d example.com -d gitlab.example.com

Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for example.com
http-01 challenge for gitlab.example.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. example.com (http-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://example.com/.well-known/acme-challenge/F0sfnHCEVMErd5dedtIKqor8by9W4ojA9Upl_Jdn8wM: "

<html class="no-js lt-i" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. [root@ip-172-31-22-159 letsencrypt]# cat /etc/redhat-release CentOS Linux release 7.5.1804 (Core) [root@ip-172-31-22-159 letsencrypt]# ./certbot-auto -vvv --nginx -d example.com -d gitlab.example.com Root logging level set at -10 Saving debug log to /var/log/letsencrypt/letsencrypt.log Requested authenticator nginx and installer nginx No installation (PluginEntryPoint#nginx): Traceback (most recent call last): File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py", line 126, in prepare self._initialized.prepare() File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 135, in prepare raise errors.NoInstallationError NoInstallationError No candidate plugin Selected authenticator None and installer None The nginx plugin is not working; there may be problems with your existing configuration. The error was: NoInstallationError() [root@ip-172-31-22-159 letsencrypt]# 2018-06-01 00:44:20,945:DEBUG:certbot.main:certbot version: 0.24.0 2018-06-01 00:44:20,945:DEBUG:certbot.main:Arguments: ['-vvv', '--nginx', '-d', 'example.com', '-d', 'gitlab.example.com'] 2018-06-01 00:44:20,945:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2018-06-01 00:44:20,960:DEBUG:certbot.log:Root logging level set at -10 2018-06-01 00:44:20,960:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2018-06-01 00:44:20,960:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx 2018-06-01 00:44:20,965:DEBUG:certbot.plugins.disco:No installation (PluginEntryPoint#nginx): Traceback (most recent call last): File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot/plugins/disco.py", line 126, in prepare self._initialized.prepare() File "/opt/eff.org/certbot/venv/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 135, in prepare raise errors.NoInstallationError NoInstallationError 2018-06-01 00:44:20,966:DEBUG:certbot.plugins.selection:No candidate plugin 2018-06-01 00:44:20,966:DEBUG:certbot.plugins.selection:Selected authenticator None and installer None

OS Version :- CentOS Linux release 7.5.1804 (Core)

I will appreciate if you can let me know the reason behind error and i look forward to hearing from you.

Best Regards,

Kaushal


#4

Well, you did exactly the opposite as what @jsha recommended. You didn’t remove certonly, instead you left it there, but changed --nginx to --standalone.

To help you, we need to understand exactly what you’re trying to do. For example, why the above changes? Do you understand what the difference is?


#5

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.