How to acme challenge with Website running Apache, Django and FreeBSD

Using this for reference... Certbot shows import error - Help - Let's Encrypt Community Support (letsencrypt.org)

ok I did the echo command but you want me to verify the file is created?

I do not recommend using certbot-django. It hasn't been updated for 5 years now and indeed results in ImportErrors due to relying on ancient dependencies which in the meantime have moved on.

4 Likes

what do you recommend? I see you posted an issue there and they ignored you which is unfortunate... is there a solution that you recommend?

Uninstalling certbot-django and listening to Mike, who's trying to coach you towards a working Certbot in combination with your Apache.

By the way, http://emplois.kagan.ch/.well-known/acme-challenge/ChallengeTest is not working for me, so either your echo command did not work properly (is the file there?) or your Apache's DocumentRoot is incorrect.

Also, previously I got a 404 error from Django due to debugging being enabled. Now I see a simple 404 without Django. Did you make any changes to Django and/or Apache regarding Django?

4 Likes

I do not see the file being sent by your Apache server from that folder. Something is interfering with Apache sending files from its DocumentRoot folder.

If you plan to follow Osiris' advice and uninstall django I would do that first and we will check again.

curl -i http://emplois.kagan.ch/ChallengeTest
HTTP/1.1 404 Not Found
Date: Sun, 23 Jul 2023 16:08:27 GMT
Server: Apache/2.4.53 (FreeBSD) OpenSSL/1.1.1o-freebsd mod_wsgi/4.9.5.dev1 Python/3.11
(other headers omitted)

<!doctype html>
<html lang="en">
<head>
  <title>Not Found</title>
</head>
<body>
  <h1>Not Found</h1><p>The requested resource was not found on this server.</p>
</body>
</html>

3 Likes

it's uninstalled... but I would have to make a command that serves this file for example adding something to urls or views...

Why? Apache normally returns the contents of files automatically.

3 Likes

I am not sure how to answer that question ... it's a django application...

@MikeMcQ Isn't it a good idea to use a <Location> for the challenge directory or something? To exclude the challenge from Django altogether?

1 Like

ARGH. Yes, I think I am missing an important thing about Django.

Sorry. Not sure how to advise without further research which I don't have time for any more today.

Hopefully you or someone can help them.

3 Likes

thank you for your efforts...

2 Likes

I'm not familiar with Django either, but it does have some "Let's Encrypt" features with the whole django-letsencrypt · PyPI et cetera.. @Sixpiece already showed a screenshot of that.. But I'm just not sure how that would work..

4 Likes

Yes, thank you for bringing that up...

I have done it and completed those steps. Please note there's this administration panel which created an ACME object as follows:

where I can create a challenge and a response for example

Challenge will be july-14 response: jour-de-la-bastille

next is visiting
emplois.kagan.ch//.well-known/acme-challenge/july-14

http://emplois.kagan.ch/.well-known/acme-challenge/july-14

That returns jour-de-la-bastille; it would also work with curl, etc. Does this give any hint? It was also detailed before, just not in the same sphere...

with curl :

(env) $ curl -i http://emplois.kagan.ch//.well-known/acme-challenge/july-14
HTTP/1.1 200 OK
Date: Sun, 23 Jul 2023 16:38:40 GMT
Server: Apache/2.4.53 (FreeBSD) OpenSSL/1.1.1o-freebsd mod_wsgi/4.9.5.dev1 Python/3.11
Content-Length: 19
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Cross-Origin-Opener-Policy: same-origin
Content-Type: text/plain

jour-de-la-bastille

I am not sure exactly how to do the next steps where it issues a challenge and gets a response, generates the pem files and then I have to add it to Virtual Host:443... also another problem with it is that I like to use mysql but luckily this project is sqlite but if I want to do this in the future it wouldn't seemingly be viable since it does say it only works with postgresql or sqlite . I have sqlite installed on this project but I have another with django that uses mysql...

1 Like

I'm not sure either, django-letsencrypt doesn't have much info about that.

That's probably not Let's Encrypt/certificate related, is it? Usually MySQL (or MariaDB, quite a popular drop-in MySQL replacement) is run on the same host as the client, so one can simply use a local Unix socket without any networking involved.

1 Like

Sorry, I misread: it is compatible with mysql, sqlite and postgresql.

it's Let's Encrypt/certificate related because django-letsencrypt states specifically that they are only compatible with mysql, sqlite and postgresql.. So whatever solution they do somehow in the end provide will only work provided the database is one of those not mariadb for example but it doesn't seem like it will ever be an issue for me. I generally use mysql ...

I don't know if this works or not, it has not been updated for years, there's no success stories, there's no example as promised, it's one of the avenues I tried to do... I hope there's no virus or spyware on it...

Not sure this has been asked/posted yet...
But, since we are talking about Apache, I'd like to see the output of:
sudo apachectl -t -D DUMP_VHOSTS

2 Likes

(env) $ sudo apachectl -t -D DUMP_VHOSTS

VirtualHost configuration:
*:80                   is a NameVirtualHost
         default server kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
         port 80 namevhost kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
                 alias www.kagan.ch
         port 80 namevhost inf1070.online (/usr/local/etc/apache24/extra/httpd-vhosts.conf:39)
         port 80 namevhost www.inf1070.online (/usr/local/etc/apache24/extra/httpd-vhosts.conf:52)
         port 80 namevhost mgl7361.online (/usr/local/etc/apache24/extra/httpd-vhosts.conf:66)
         port 80 namevhost www.dogwalking.click (/usr/local/etc/apache24/extra/httpd-vhosts.conf:79)
         port 80 namevhost chat.videotron.eu (/usr/local/etc/apache24/extra/httpd-vhosts.conf:92)
         port 80 namevhost www.chanochsushi.site (/usr/local/etc/apache24/extra/httpd-vhosts.conf:115)
         port 80 namevhost chanochsushi.site (/usr/local/etc/apache24/extra/httpd-vhosts.conf:128)
         port 80 namevhost kiryastosh.org (/usr/local/etc/apache24/extra/httpd-vhosts.conf:141)
         port 80 namevhost mikeswedding.online (/usr/local/etc/apache24/extra/httpd-vhosts.conf:154)
         port 80 namevhost carwashsupply.online (/usr/local/etc/apache24/extra/httpd-vhosts.conf:168)
         port 80 namevhost kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:181)
         port 80 namevhost awldmsystems.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:194)
                 wild alias *.awldmsystems.com
         port 80 namevhost emplois.kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:208)
         port 80 namevhost translate.videotron.eu (/usr/local/etc/apache24/extra/httpd-vhosts.conf:236)
         port 80 namevhost dogwalking.click (/usr/local/etc/apache24/extra/httpd-vhosts.conf:254)
         port 80 namevhost ryan.kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:267)
         port 80 namevhost videotron.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:282)
                 alias www.videotron.com
         port 80 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:295)
                 alias www.hydroponique.club
         port 80 namevhost kiryastash.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:304)
                 alias www.kiryastash.com
         port 80 namevhost videotron.fr (/usr/local/etc/apache24/extra/httpd-vhosts.conf:331)
         port 80 namevhost info.videotron.fr (/usr/local/etc/apache24/extra/httpd-vhosts.conf:343)
         port 80 namevhost faber-castell.store (/usr/local/etc/apache24/extra/httpd-vhosts.conf:355)
                 alias www.faber-castell.store
         port 80 namevhost hydroponique.shop (/usr/local/etc/apache24/extra/httpd-vhosts.conf:369)
                 alias www.hydroponique.shop
         port 80 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:381)
                 alias www.hydroponique.club
         port 80 namevhost videotron.eu (/usr/local/etc/apache24/extra/httpd-vhosts.conf:393)
                 alias www.videotron.eu
         port 80 namevhost alexanderpicov.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:407)
                 alias www.alexanderpicov.com
         port 80 namevhost paul.kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:419)
                 alias pesach.kagan.ch
         port 80 namevhost canadatradecorp.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:430)
                 alias www.canadatradecorp.com
*:443                  is a NameVirtualHost
         default server kagan.ch (/usr/local/etc/apache24/extra/httpd-ssl.conf:124)
         port 443 namevhost kagan.ch (/usr/local/etc/apache24/extra/httpd-ssl.conf:124)
         port 443 namevhost faber-castell.store (/usr/local/etc/apache24/extra/httpd-ssl.conf:297)
                 alias www.faber-castell.store:443
         port 443 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-ssl.conf:327)
                 alias www.hydroponique.club:443
         port 443 namevhost mgl7361.online (/usr/local/etc/apache24/extra/httpd-ssl.conf:358)
         port 443 namevhost inf1070.online (/usr/local/etc/apache24/extra/httpd-ssl.conf:390)
         port 443 namevhost www.sleepbamboo.ca (/usr/local/etc/apache24/extra/httpd-ssl.conf:422)
                 alias www.sleepbamboo.ca:443
         port 443 namevhost sleepbamboo.ca (/usr/local/etc/apache24/extra/httpd-ssl.conf:455)
                 alias sleepbamboo.ca:443
         port 443 namevhost www.dogwalking.click (/usr/local/etc/apache24/extra/httpd-ssl.conf:487)
         port 443 namevhost dogwalking.click (/usr/local/etc/apache24/extra/httpd-ssl.conf:519)
         port 443 namevhost ryan.kagan.ch (/usr/local/etc/apache24/extra/httpd-ssl.conf:551)
         port 443 namevhost translate.videotron.eu (/usr/local/etc/apache24/extra/httpd-ssl.conf:580)
         port 443 namevhost awldmsystems.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:617)
                 alias www.awldmsystems.com
         port 443 namevhost mikeswedding.online (/usr/local/etc/apache24/extra/httpd-ssl.conf:653)
                 alias www.mikeswedding.online
         port 443 namevhost info.videotron.fr (/usr/local/etc/apache24/extra/httpd-ssl.conf:689)
         port 443 namevhost videotron.fr (/usr/local/etc/apache24/extra/httpd-ssl.conf:718)
         port 443 namevhost www.videotron.eu (/usr/local/etc/apache24/extra/httpd-ssl.conf:747)
         port 443 namevhost videotron.eu (/usr/local/etc/apache24/extra/httpd-ssl.conf:774)
         port 443 namevhost videotron.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:801)
         port 443 namevhost hydroponique.shop (/usr/local/etc/apache24/extra/httpd-ssl.conf:837)
         port 443 namevhost www.kagan.ch (/usr/local/etc/apache24/extra/httpd-ssl.conf:870)
         port 443 namevhost chanochsushi.site (/usr/local/etc/apache24/extra/httpd-ssl.conf:903)
         port 443 namevhost www.chanochsushi.site (/usr/local/etc/apache24/extra/httpd-ssl.conf:936)
         port 443 namevhost www.hydroponique.shop (/usr/local/etc/apache24/extra/httpd-ssl.conf:968)
         port 443 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-ssl.conf:999)
                 alias www.hydroponique.club:443
         port 443 namevhost kiryastash.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:1031)
         port 443 namevhost www.videotron.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:1080)
         port 443 namevhost kiryastosh.org (/usr/local/etc/apache24/extra/httpd-ssl.conf:1117)
         port 443 namevhost alexanderpicov.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:1154)
                 alias www.alexanderpicov.com:443
         port 443 namevhost paul.kagan.ch (/usr/local/etc/apache24/extra/httpd-ssl.conf:1190)
                 alias pesach.kagan.ch
         port 443 namevhost canadatradecorp.com (/usr/local/etc/apache24/extra/httpd-ssl.conf:1219)
         port 443 namevhost carwashsupply.online (/usr/local/etc/apache24/extra/httpd-ssl.conf:1248)
(env) $

I see two sets of name:port overlaps:

port 80 namevhost     kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:181)
port 80 namevhost     kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
            alias www.kagan.ch
port 80 namevhost     hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:381)
        alias     www.hydroponique.club
port 80 namevhost     hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:295)
        alias     www.hydroponique.club

Each name:port combination should only appear once in the entire configuration.

3 Likes
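The overlap check described in the post above can be automated. Apache serves a request from the first virtual host that matches the name and port, so a later block with the same name is never used, and an HTTP-01 challenge file may be looked up in a different DocumentRoot than the one expected. The script below is an added example, not part of the original thread; the function name `find_overlaps` is hypothetical and the sample input is a trimmed excerpt of the port-80 lines posted above.

```python
import re
import sys
from collections import defaultdict

# Trimmed excerpt of the port-80 lines from the DUMP_VHOSTS output posted above.
SAMPLE = """\
*:80                   is a NameVirtualHost
         default server kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
         port 80 namevhost kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:24)
                 alias www.kagan.ch
         port 80 namevhost kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:181)
         port 80 namevhost awldmsystems.com (/usr/local/etc/apache24/extra/httpd-vhosts.conf:194)
                 wild alias *.awldmsystems.com
         port 80 namevhost emplois.kagan.ch (/usr/local/etc/apache24/extra/httpd-vhosts.conf:208)
         port 80 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:295)
                 alias www.hydroponique.club
         port 80 namevhost hydroponique.club (/usr/local/etc/apache24/extra/httpd-vhosts.conf:381)
                 alias www.hydroponique.club
"""

VHOST = re.compile(r"^\s*port (\d+) namevhost (\S+) \((.+)\)\s*$")
ALIAS = re.compile(r"^\s*(?:wild )?alias (\S+)\s*$")

def find_overlaps(dump):
    """Return {(port, name): [config locations]} for names claimed by 2+ vhosts."""
    claims = defaultdict(list)
    current = None  # (port, location) of the vhost whose alias lines follow
    for line in dump.splitlines():
        m = VHOST.match(line)
        if m:
            port, name, location = int(m.group(1)), m.group(2).lower(), m.group(3)
            current = (port, location)
            claims[(port, name)].append(location)
            continue
        m = ALIAS.match(line)
        if m and current:
            claims[(current[0], m.group(1).lower())].append(current[1])
        # "default server" lines are skipped: that vhost is listed again as a namevhost.
    return {key: locs for key, locs in claims.items() if len(locs) > 1}

if __name__ == "__main__":
    # Pipe real output in (apachectl -t -D DUMP_VHOSTS | python3 this_script.py),
    # or run with no pipe to analyse the embedded excerpt.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for (port, name), where in sorted(find_overlaps(text).items()):
        print(f"{name}:{port} is claimed by {len(where)} vhosts: {', '.join(where)}")
```

Aliases are counted as well as ServerName values, so a `www.` alias declared in two blocks is reported alongside the bare name.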

Interesting, that would make for a good study. Thank you for pointing that out... but it's not the issue that I am looking at at the moment in the thread, but I will get around to studying your point on this...

1 Like