Help with Certbot renewal & plugins

Help
21

not found. should I show you my config file

22

Yes, and confirm your Internet IP:
Name: vorman.mooo.com
Address: 148.75.65.185

23

above is correct

https://pastebin.com/5AjxmiUd

server.modules = (
“mod_access”,
“mod_alias”,
“mod_compress”,
“mod_redirect”,
“mod_rewrite”,
“mod_setenv”,
)

server.document-root = “/var/www/html/owncloud”
server.upload-dirs = ( “/var/cache/lighttpd/uploads” )
server.errorlog = “/var/log/lighttpd/error.log”
server.pid-file = “/var/run/lighttpd.pid”
server.username = “www-data”
server.groupname = “www-data”
server.port = 80
ssl_engine = “enabled”
server.bind = “192.168.1.9”

index-file.names = ( “index.php”, “index.html”, “index.lighttpd.html” )
url.access-deny = ( “~”, “.inc” )
static-file.exclude-extensions = ( “.php”, “.pl”, “.fcgi” )

compress.cache-dir = “/var/cache/lighttpd/compress/”
compress.filetype = ( “application/javascript”, “text/css”, “text/html”, “text/plain” )

default listening port for IPv6 falls back to the IPv4 port

include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell “/usr/share/lighttpd/create-mime.assign.pl”
include_shell “/usr/share/lighttpd/include-conf-enabled.pl”

$SERVER[“socket”] == “:443” {
ssl.engine = “enable”
ssl.pemfile = “/etc/letsencrypt/live/vorman.mooo.com/combined.pem”
ssl.ca-file = “/etc/letsencrypt/live/vorman.mooo.com/fullchain.pem”
ssl.cipher-list = “ECDHE-RSA-AES256-SHA384:AES256-SHA256:HIGH:!MD5:!aNULL:!EDH:!AESGCM”
ssl.honor-cipher-order = “enable”
ssl.use-sslv2 = “disable”
ssl.use-sslv3 = “disable”
}

#$SERVER[“socket”] == “vorman.mooo.com:443” {

ssl.engine = “enable”

ssl.pemfile = “/etc/lighttpd/ssl/vorman.mooo.com.pem”

ssl.ca-file = “/etc/lighttpd/ssl/vorman.mooo.com.crt”

server.name = “vorman.mooo.com”

server.document-root = “/var/wwww/html/owncloud”

#}

#$SERVER[“socket”] == “:443” {

ssl.engine = “enable”

ssl.pemfile = “/etc/lighttpd/certs/lighttpd.pem”

#}

$HTTP[“scheme”] == “https” {
setenv.add-response-header = ( “Strict-Transport-Security” => "max-age=63072000; includeSubdomains; ")
}

24

--webroot must match document-root

Place the 1234 text file at: /var/www/html/owncloud/.well-known/acme-challenge/
mkdir /var/www/html/owncloud/.well-known/
mkdir /var/www/html/owncloud/.well-known/acme-challenge/
echo "hello" > /var/www/html/owncloud/.well-known/acme-challenge/1234

If that works (http://vorman.mooo.com/.well-known/acme-challenge/1234), then use
--webroot -w /var/www/html/owncloud/
If that fails...
We keep looking :slight_smile:

25

This may be your answer

26

not found , { sorry I went wrong link it downloads a file ] so I guess it worked ]

here is my question .

'then use --webroot… where? when renewing? if I was able to create why renting fails if nothing changed ? do I have to answer all the same questions on renewing I did on creation

27

well I was able to create it like that , then why I can’t renwew it

28

This is visible from Internet: http://vorman.mooo.com/.well-known/acme-challenge/1234
Now try:
certbot-auto certonly --webroot -w /var/www/html/owncloud/
or
certbot-auto renew --webroot -w /var/www/html/owncloud/
or just
certbot-auto --webroot -w /var/www/html/owncloud/

29

don’t I have to specify renew ?
ok ill try this

30

The webroot has since changed from:

To:

31

Alternatively, you could just update the renewal file from:

To:
[[webroot_map]]
vorman.mooo.com = /var/www/html/owncloud

32

THANKS MUCH both of you … 5 star support I learned a lot

18%20AM
Screen Shot 2018-12-08 at 5.46.18 AM.png822×173 18.9 KB

2 Likes
33

was there any security concerns on file I pasted ?

34

Now see if the renewal file now has the correct webroot.
If so, then you won’t need to include --webroot in future updates.

35

none that I can see.

36

where I see that which file , I want to see what is my renewal date

37

yes webroot is correct but I don’t see rental date

38

Try:
certbot certificates

39

mmmmmm,

30 days ?

renew_before_expiry = 30 days

version = 0.29.1

archive_dir = /etc/letsencrypt/archive/vorman.mooo.com

cert = /etc/letsencrypt/live/vorman.mooo.com/cert.pem

privkey = /etc/letsencrypt/live/vorman.mooo.com/privkey.pem

chain = /etc/letsencrypt/live/vorman.mooo.com/chain.pem

fullchain = /etc/letsencrypt/live/vorman.mooo.com/fullchain.pem

Options used in the renewal process

[renewalparams]

authenticator = webroot

account = 99d1abf44ae76a30527e984e392c1bd6

server = https://acme-v02.api.letsencrypt.org/directory

webroot_path = /var/www/html/owncloud,

[[webroot_map]]

vorman.mooo.com = /var/www/html/owncloud

certbot certificates file or command

40

Cert life = 90 days
“renew BEFORE expires 30 days” = 60 days from now