How to generate ssl certificates to Collabora Online?


#1

Hello,
I’m trying to integrate collabora online to my nextcloud (collabora run in a docker), the problem is that I can not generate ssl certificates for the subdomain to collabora. As I run the command: 'sudo -H ./letsencrypt-auto certonly - --standalone -d office.xxxxxx.ddns.net 'I get this output:

Failed authorization procedures. office.xxxxxx.ddns.net (tls-sni-01): urn: acme: error: connection :: The server could not connect to the client to verify the domain :: DNS problem: NXDOMAIN looking up A for office.xxxxxx. ddns.net

IMPORTANT NOTES:

  • The Following errors were reported by the server:

Domain: office.xxxxxx.ddns.net
Type: connection
Detail: DNS problem: NXDOMAIN looking up A for
office.xxxxxx.ddns.net

To fix These errors, please make sure your domain name That was
Entered correctly and the DNS A record (s) For That domain
Contain (s) the right IP address. Additionally, please check That
your computer has a publicly routable IP address and That no
firewalls are Preventing the server from communicating with the
client. If you’re using the plugin webroot, You Should Also verify
That you are serving files from the webroot path you provided.

I believe that the problem is the webroot path! But what is the webroot path of a docker image?


#2

It’s not the webroot path… It’s a DNS error, just like the error message says. But without the full hostname, we can’t know what’s at fault.


#3

Hello Osiris
Thanks for the quick reply,
the hostname is office.cubecloud.ddns.net but it runs inside nextcloud to ‘https://cubecloud.ddns.net’. If you want I can create an account for you and so see for yourself the error message that I get from the app collabora?


#4

The hostname office.cubecloud.ddns.net doesn’t exist in the public DNS:

osiris@desktop ~ $ dig +trace office.cubecloud.ddns.net

; <<>> DiG 9.10.3-P4 <<>> +trace office.cubecloud.ddns.net
;; global options: +cmd
.			3599745	IN	NS	l.root-servers.net.
.			3599745	IN	NS	c.root-servers.net.
.			3599745	IN	NS	b.root-servers.net.
.			3599745	IN	NS	h.root-servers.net.
.			3599745	IN	NS	f.root-servers.net.
.			3599745	IN	NS	k.root-servers.net.
.			3599745	IN	NS	d.root-servers.net.
.			3599745	IN	NS	i.root-servers.net.
.			3599745	IN	NS	e.root-servers.net.
.			3599745	IN	NS	m.root-servers.net.
.			3599745	IN	NS	a.root-servers.net.
.			3599745	IN	NS	g.root-servers.net.
.			3599745	IN	NS	j.root-servers.net.
;; Received 239 bytes from 194.109.6.66#53(194.109.6.66) in 7 ms

net.			172800	IN	NS	e.gtld-servers.net.
net.			172800	IN	NS	d.gtld-servers.net.
net.			172800	IN	NS	c.gtld-servers.net.
net.			172800	IN	NS	i.gtld-servers.net.
net.			172800	IN	NS	a.gtld-servers.net.
net.			172800	IN	NS	b.gtld-servers.net.
net.			172800	IN	NS	k.gtld-servers.net.
net.			172800	IN	NS	l.gtld-servers.net.
net.			172800	IN	NS	g.gtld-servers.net.
net.			172800	IN	NS	h.gtld-servers.net.
net.			172800	IN	NS	j.gtld-servers.net.
net.			172800	IN	NS	f.gtld-servers.net.
net.			172800	IN	NS	m.gtld-servers.net.
net.			86400	IN	DS	35886 8 2 7862B27F5F516EBE19680444D4CE5E762981931842C465F00236401D 8BD973EE
net.			86400	IN	RRSIG	DS 8 1 86400 20161124170000 20161111160000 39291 . aRrRzT8ex2AuBRIZm0s5M+CXzpsmnxRs2RmjMuWen2NFho9f5zdvfyrU BYHRa16MXwO+INfq0x+MJJ620Zobp3CI5KBq3Q3fd+7IwqYOwCi5Amcj BOofRj3GtIPoAAhn1VwsNCSgrNplhRZXBCIagr40Pb3dEUzp10ZPHNnq BPZy4QqlEgh8Q0gNjMQCYASbeTSTHXD0S1SKXs5v+K+q8qa26W5JbnqV owf5OTUs4ieekRpPijibpwZvuLZwBA5uB5AwKyfRIvEMFwm4v7mQFCbH BR8P9+S6c9i+1ld7oLiVBf/HtT2fUKCSVVfz5SeiEGDNnQWI7sjSEctc s/OMew==
;; Received 874 bytes from 2001:dc3::35#53(m.root-servers.net) in 17 ms

ddns.net.		172800	IN	NS	nf1.no-ip.com.
ddns.net.		172800	IN	NS	nf2.no-ip.com.
ddns.net.		172800	IN	NS	nf3.no-ip.com.
ddns.net.		172800	IN	NS	nf4.no-ip.com.
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN NSEC3 1 1 0 - A1RUUFFJKCT2Q54P78F8EJGJ8JBK7I8B NS SOA RRSIG DNSKEY NSEC3PARAM
A1RT98BS5QGC9NFI51S9HCI47ULJG6JH.net. 86400 IN RRSIG NSEC3 8 2 86400 20161118061032 20161111050032 43880 net. W4Fmm7uW9yxCGMAVfOO2YL47t1uGZBwrT3UimuY7Zdj+4vM65J5+RHVh 1OYzVe7bbauZALsyjF8da/4N5Z2jFEMWqMhm0zg15LoNbIt9YxPxyrWF Sv278cjGFmeI4xBEWxEZUbnjFeZOB/SjuMP0pwTPC5hGNG20t26NCK+K 2v0=
E51DDP372MRKCQEHC9KPOF9HP91R589E.net. 86400 IN NSEC3 1 1 0 - E523FUDM7H6HS9QHQQFEGCDNHDQ1K1U9 NS DS RRSIG
E51DDP372MRKCQEHC9KPOF9HP91R589E.net. 86400 IN RRSIG NSEC3 8 2 86400 20161119060922 20161112045922 43880 net. Bi0CXZ6Z06JQS+XgZyHCbVxp0Shkr3Iwh8+BlYP0ZMPTUtxfFlljDlOD akHko9URaupjV+XQFaYEWAyGnAdFs6QWoln+5BcqNboSBHY9UBoXkUVd CE8dk846C7lUJ+ymQZxVKoYd2Mu/3EB2xJDyHP1KUQDGi+Oj7jrIO/21 B+Y=
;; Received 712 bytes from 192.35.51.30#53(f.gtld-servers.net) in 15 ms

ddns.net.		1800	IN	SOA	nf1.no-ip.com. hostmaster.no-ip.com. 2103094102 10800 1800 604800 1800
;; Received 114 bytes from 165.254.162.241#53(nf2.no-ip.com) in 89 ms

osiris@desktop ~ $ 

Therefore, it isn’t possible to get a certificate for that hostname.


#5

Osiris THANK YOU THANK YOU THANK YOU
run it !!!


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.