I am in the mist of setting up a Zencash secure node on Ubuntu 18 that I have set up in Hyper-V. I am having issues with getting the certificate installed to it.
I’ve been following the Secure & Super Nodes guide on atlassian.net to configure this and at this point I have reached a road block at Part 6 due to my novice on this TLS certification stuff. Could someone please help guide me to the right direction to get past this stop. Thanks!
The command entered:
sudo certbot certonly -n --agree-tos --register-unsafely-without-email --standalone -d $FQDN\
outputs the following:
zennode@Linux-CVM1:/home/testminer$ sudo certbot certonly -n
–agree-tos --register-unsafely-without-email --standalone -d $FQDN
[sudo] password for zennode:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator standalone, Installer None
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for zen.mydomain.com
Waiting for verification…
Cleaning up challenges
Failed authorization procedure. zen.mydomain.com (http-01):
urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient
authorization :: Invalid response from
The following errors were reported by the server:
Domain: zen.mydomain.comNot Found )
Detail: Invalid response from
To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
I am very green in this area and not quite sure how this certificate is suppose to get issued. The first time I ran the command above, I was using an internal FQDN which I know now is not allowed. Since I understand that this request requires a external FQDN be used I think I am able to accommodate the request since I have a registered domain I use for web hosting on my Win 2008 Server I have in Hyper-V.
I am unsure if my Ubuntu system also on Hyper-V (on a different system on the network) issuing the cert request if the Zen dameon need to be on my web server. From the error, is it trying to write something to a path from the FQDN I created. Do I need to setup something on IIS on that web server so it can listen for issuing cert?
I drew up a rudimentary topology graph to help give an idea of how my home network setup as I know it is currently functioning.