Issue with certificate

So the issue is this I had my server accesible at:

http://mdbserver.ddns.net

and I could access my owncloud instance. But I wanted to have an https certificate for security.

However after running lets encrypt it now times out in the browser and I get the below error code when I try to verify it. Even if I just use the normal http which worked before. Any ideas?

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:
mdbserver.ddns.net

I ran this command:

Used Let’s encrypt from dietpi menu.

It produced this output:

Error code 1:
An unexpected error occurred:
Error creating new order :: Cannot issue for “mdbserver.ddns.net/owncloud”: Domain name contains an invalid character

My web server is (include version):

lighttpd/1.4.53 (ssl)

The operating system my web server runs on is (include version):

Dietpi - Latest version : v6.31.2

My hosting provider, if applicable, is:

no-ip

I can login to a root shell on my machine (yes or no, or I don’t know):

Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

Unsure of this answer

More of the output

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

2020-08-01 15:38:44,541:DEBUG:certbot.main:certbot version: 0.31.0
2020-08-01 15:38:44,541:DEBUG:certbot.main:Arguments: [’–webroot’, ‘-w’, ‘/var/www’, ‘–agree-tos’ 2020-08-01 15:38:44,544:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#man
2020-08-01 15:38:44,566:DEBUG:certbot.log:Root logging level set at 20
2020-08-01 15:38:44,567:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2020-08-01 15:38:44,569:DEBUG:certbot.plugins.selection:Requested authenticator webroot and install$
2020-08-01 15:38:44,569:DEBUG:certbot.plugins.selection:Single candidate plugin: * webroot
Description: Place files in webroot directory
Interfaces: IAuthenticator, IPlugin
Entry point: webroot = certbot.plugins.webroot:Authenticator
Initialized: <certbot.plugins.webroot.Authenticator object at 0xb57c7a70>
Prep: True
2020-08-01 15:38:44,570:DEBUG:certbot.plugins.selection:Selected authenticator <certbot.plugins.web$
2020-08-01 15:38:44,570:INFO:certbot.plugins.selection:Plugins selected: Authenticator webroot, Ins$
2020-08-01 15:38:44,589:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Regis$
2020-08-01 15:38:44,591:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.o$
2020-08-01 15:38:44,595:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.ap$
2020-08-01 15:38:45,168:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET $
2020-08-01 15:38:45,169:DEBUG:acme.client:Received response:
HTTP 200

1 Like

Well, Let's Encrypt only issues certificates for pure FQDNs, not for URIs. Your """hostname""" contains the path /owncloud which obviously is part of an URI and not part of the FQDN. You should try to issue a certificate for just mdbserver.ddns.net without the path part. How this is achieved through the DietPi menu? I don't know, could even be a buggy implementation from DietPi's part.

Also, the reason why your Owncloud is "down" is because a redirect from HTTP to HTTPS is in effect, probably installed after you succesfully got a certificate issued yesterday. It seems your port 443 — required for "basic" HTTPS (without specifying a non-standard port) — isn't open. Could be a NAT router without the proper portmap or a firewall which has port 443 closed.

2 Likes

It was my firewall setup and all is running well now.

Initially I thought it was because I hadn’t included /owncloud/ but it was my own idiocy.

Thanks for your help @Osiris

2 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.