Error with validating domain


#1

Can anyone guide me to what i am doing incorrectly?

Anthonys-Mac-mini:certbot Anthony$ sudo certbot certonly --standalone --preferred-challenges http-01 --email XX.XXXXXX@gmail.com -d XXXXX.duckdns.org
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
/usr/local/Cellar/certbot/0.22.2/libexec/lib/python3.6/site-packages/josepy/jwa.py:107: CryptographyDeprecationWarning: signer and verifier have been deprecated. Please use sign and verify instead.
signer = key.signer(self.padding, self.hash)
Performing the following challenges:
http-01 challenge for XXXXX.duckdns.org
Cleaning up challenges
Problem binding to port 80: Could not bind to IPv4 or IPv6.


#2

You’re using the standalone plugin. This requires access to port 80, but it seems some other server is running on that port already. Probably your webserver :wink:

You probably would like to use the webroot plugin for authentication (in stead of standalone) or perhaps use the apache or nginx plugins (depending on the webserver used) to automatically authenticate and install the certificate in one setting.


#3

I am running a home assistant server, using duckdns and port forwarding to allow for remote access. I’ll try to reauthenticate after stopping the home assistant server.


#4

So i tried using the webroot plugin. I pointed the files to directory on my mac and got the following response:

https://hastebin.com/oyajofihax.sql


#5

If you put a file in the directory /users/anthony/.homeassistant/certbot, for example “test.txt”, is that file accessible on yourdomain.duckdns.org/test.txt?


#6

It does not… I tried following theses instructions got stuck on chapter 4. I then tried following the user guide on eff.org without any luck. Perhaps Ill have to start over or just migrate the homeassistant server to a raspberry PI (as duckdns/SSL encryptions are available as add-ons to the homeassistant environment on PI).


#7

Well, that’s your problem then. The whole idea with the -w option is to let certbot know where to put files on the webservers drive which can be accessed from the “world wide web”. You’ll need to put the path to the “DocumentRoot” (or equivalent) from which files can be accessed.

Where exactly did you get stuck? The instructions make sense to me. In stead of using the webroot plugin, they use the standalone plugin. This does require you to stop Home Assistant temporarily (which can be done through a script, see the Pre and Post Validation Hooks section of the certbot manual). The certbot client will be the temporary webserver, so no need for a webroot path.


#8

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.