Help installing cert new to Github and Putty


#1

My domain is: multiple through Godaddy main is; www.homeopathyclinic.ca. However, the main site I need a cert is on a subdomain of www.homeopathyforanimals.com

I was following the instructions to install Neilpang/acme.

I was able to confirm root access to my file with Putty and tested the ability to write to it by entering the suggested test of:

cd /home/content/06/105xxxxx/html
echo “this is a test” > a.txt

I was able to see the test through http://www.homeopathyclinic.ca/a.txt without a problem.

I was also able to successfully install and unzipping the master.zip by entering:

wget https://github.com/Neilpang/le/archive/master.zip which gave me a long list of creating and inflating.

At this point I can seem to get no further in setting up a cert. The remainder of the instructions all I receive in Putty is "no such file or directory"
I also cannot seem to a new directory where I created the txt file?

Please help…


#2

@Neilpang is the best person to help with the acme.sh client - or I’d suggest opening an issue at https://github.com/Neilpang/acme.sh/issues

the " wget http…" command should have simply downloaded a file - that you would then need to unzip. I assume it was when you expanded this that it gave the long list of creating and inflating.

which specific instructions are you following ? (on the site it says use “wget -O - https://get.acme.sh | sh” to install rather than the command you have pasted.


#3

Thank you, I tried your command and this is what I got:

-bash-4.2$ wget -O - https://get.acme.sh | sh
–2017-01-17 09:09:15-- https://get.acme.sh/
Resolving get.acme.sh… 195.154.91.106
Connecting to get.acme.sh|195.154.91.106|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 671 [text/plain]
Saving to: `STDOUT’

100%[=====================================================>] 671 --.-K/s in 0s

2017-01-17 09:09:16 (119 MB/s) - written to stdout [671/671]

% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 112k 100 112k 0 0 362k 0 --:–:-- --:–:-- --:–:-- 687k
[Tue Jan 17 09:09:16 MST 2017] Installing from online archive.
[Tue Jan 17 09:09:16 MST 2017] Downloading https://github.com/Neilpang/acme.sh/archive/master.t ar.gz
[Tue Jan 17 09:09:17 MST 2017] Extracting master.tar.gz
[Tue Jan 17 09:09:17 MST 2017] It is recommended to install nc first, try to install ‘nc’ or ‘n etcat’.
[Tue Jan 17 09:09:17 MST 2017] We use nc for standalone server if you use standalone mode.
[Tue Jan 17 09:09:17 MST 2017] If you don’t use standalone mode, just ignore this warning.
[Tue Jan 17 09:09:17 MST 2017] Installing to /var/chroot/home/content/06/105xxxxx/.acme.sh
[Tue Jan 17 09:09:17 MST 2017] Installed to /var/chroot/home/content/06/105xxxxx/.acme.sh/acme. sh
[Tue Jan 17 09:09:17 MST 2017] No profile is found, you will need to go into /var/chroot/home/c ontent/06/105xxxxx/.acme.sh to use acme.sh
[Tue Jan 17 09:09:17 MST 2017] Installing cron job
0 0 * * * “/var/chroot/home/content/06/105xxxxx/.acme.sh”/acme.sh --cron --home “/var/chroot/ho me/content/06/105xxxxx/.acme.sh” > /dev/null
[Tue Jan 17 09:09:18 MST 2017] Good, bash is found, so change the shebang to use bash as prefer red.
[Tue Jan 17 09:09:18 MST 2017] OK
[Tue Jan 17 09:09:18 MST 2017] Install success!
-bash-4.2$

IS this what I should see? Is says success however in looking in my FTP I do not see a directory or folder acme.sh


#4

I don’t use acme.sh ( hence suggesting you raise an issue with Neil as the developer).

Looking at the output though, it makes sense that it was successful in installing his script.

what do you see with “ls -la” in that directory ?


#5

I have posted in Github on the link to Neil as you suggested, however no response yet.

To answer your question I cannot find anything that was created and cannot see “Is -la”. I have FileZilla on my local machine. When I created the test txt file I was able to see the HTML file created instantly in my FTP. However after this last “install” I cannot find anything new and the last updated file is the TXT file I created earlier.

If there is a different way to proceed with installing a cert that you can assist with I am more than willing. I only went with Neils code due to finding a string that somewhat matched my issue.


#6

What is the operating system your website is on ? and does it use a control panel ?

Do you have SSH access ? and do you have root access to the server ?


#7

My websites are on a Linux hosted account through GoDaddy. I have C-Panel with GoDaddy and was able to turn on access to my SSH. I have access to the server with root access via Putty on my local computer. I did test the ability to write to my root files through Putty and was successful in creating a test found at www.homeopathyclinic.ca/a.txt


#8

Ok, I can talk you through obtaining a certificate, however before I do that, will GoDaddy allow you to install certificates on your account ? (they don’t enable it on most accounts). if you have root access though, you should be fine.

Can you tell me what version of cPanel you are using ?


#9

I cannot find which cPannel version, it may be GoDaddy’s simplified version. I did find that it is possible to install 3rd party certs, just Godaddy will not help as they sell their own and want you to purchase this from them.


#10

OK, Thanks.

The reason I was asking as cpanel have an official plugin for Let’s Encrypt which would make it very easy to install your certs ( it does it for you automatically ). The version number is usually down in the bottom left of the screen when logged into your cpanel.

It might be worth a test of running

/scripts/install_lets_encrypt_autossl_provider

on the SSH command line as root - and see if it enables it, or you get an error .

also, running

/usr/local/cpanel/cpanel -V

on the SSH command line should tell you the version of cpanel you are running.


#11

through Putty I tried both commands and got “No such file or directory”


#12

OK, in that case it does sound as if they have modified things such that the plugin may not work.

The bash client I’m most familiar with is GetSSL, as I wrote it, and is similar to the acme.sh you were trying. Alternatively you can use certbot (the official client ). Both should work with your environment.

If you want to use GetSSL then you can install it by running

curl --silent https://raw.githubusercontent.com/srvrco/getssl/master/getssl > getssl ; chmod 700 getssl

in SSH.

If you want to use certbot, then you can install is by running

wget https://dl.eff.org/certbot-auto; chmod a+x certbot-auto

in SSH


#13

Ok, I tried the first line and nothing happened, it just went to a new Bash line.

I then tried the second one and got this:

-bash-4.2$ wget https://dl.eff.org/certbot-auto; chmod a+x certbot-auto
–2017-01-17 11:11:12-- https://dl.eff.org/certbot-auto
Resolving dl.eff.org… 173.239.79.196
Connecting to dl.eff.org|173.239.79.196|:443… connected.
HTTP request sent, awaiting response… 200 OK
Length: 46237 (45K) [text/plain]
Saving to: `certbot-auto’

100%[=======================================================================>] 46,237 --.-K/s in 0.03s

2017-01-17 11:11:12 (1.54 MB/s) - `certbot-auto’ saved [46237/46237]

-bash-4.2$


#14

OK, you should have both of them installed now.

Please let me know which you want to use (as I suspect going through the commands for both at the same time will cause confusion :wink: )

To run getssl and configure the basics for your domain www.homeopathyforanimals.com type

./getssl -c www.homeopathyforanimals.com

Alternatively, set up certbot by running

./certbot-auto certonly


#15

Here is the response

-bash-4.2$ ./getssl -c www.homeopathyforanimals.com
getssl: this script requires one of: nslookup drill dig host
-bash-4.2$


#16

OK, has certbot got all it needs to run ?

also, could you type

cat /etc/os-release

which will hopefully provide details as to what your operating system is.


#17

gave me “no such file or directory”

alternatively I tried the certbot command. This is the response:

-bash-4.2$ ./certbot-auto certonly
"sudo" is not available, will use “su” for installation steps…
Bootstrapping dependencies for RedHat-based OSes…
Neither yum nor dnf found. Aborting bootstrap!
-bash-4.2$


#18

I’m not sure what the operating system is (to be able to install other packages that are needed ), and certbot is giving errors as well.

other commands that might give us a clue as to the operating system are;

uname -a

and

cat /etc/system-release

if neither of them give an output, cat you ask godaddy what the OS is, and if they can install “dig” or “nslookup” ?


#19

-bash-4.2$ uname -a
Linux p3nlhftpg201.shr.prod.phx3.secureserver.net 2.6.32-642.4.2.el6.x86_64 #1 SMP Tue Aug 23 19:58:13 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
-bash-4.2$


#20

-bash-4.2$ cat /etc/system-release
CentOS release 6.3 (Final)
-bash-4.2$