Letsencrypt and no-ip

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:footie.ddns.net:93

I ran this command:na

It produced this output:na

My web server is (include version):apache2

The operating system my web server runs on is (include version):debian buster

My hosting provider, if applicable, is:no-ip

I can login to a root shell on my machine (yes or no, or I don't know):yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):na

Before I spend a lot of time maybe wasted, can you confirm that i can install letsencrypt ssl certs on my apache2 webserver with a free no-ip domain name givin me https protection. Thanks for your help...

yes, you can.

you need to control either port 80 or 443, tho. you can install the certificate on 93, but you must use 80 or 443 to perform the validation. (or use the dns challenge by adding a txt record from the no-ip interface -- but you should use a verification method that can renew your certificate without human intervention, like http-01 on port 80)

4 Likes

Hi, many thanks for your very quick reply. I have never done this before, are there any instructions anywhere on how to do this please (ive been on no-ip and no real help there for me). Your help is appreciated. Kind regards Don...

1 Like

Here, have instructions for your software and OS: Certbot Instructions | Certbot

4 Likes

Top man, thanks for your help....

3 Likes

Hi, I get the following error:
$ sudo ln -s /snap/bin/certbot /usr/bin/certbot
ln: failed to create symbolic link '/usr/bin/certbot': File exists

The file does exist and it was created back in 2020...can I delete this file and run the command again or shall I just continue as the file does exist ?? many thanks Don...

the instructions told you to uninstall old certbots: did you?

3 Likes

opppps, (very red faced) ...to be honest cant ever remember installing it. Can i go back and uninstall it all and start again ?
sudo apt-get remove certbot , sudo dnf remove certbot , or sudo yum remove certbot

yes, you can.

(it's debian... so apt-get)

4 Likes

Uninstalled and autoreoved, rebooted but still says installed ?? Im struggling with this now..

pi@raspberrypi:~ $ sudo apt-get remove certbot
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package 'certbot' is not installed, so not removed
The following packages were automatically installed and are no longer required:
augeas-lenses libaugeas0 python-pyicu python3-acme python3-augeas
python3-certbot python3-configargparse python3-configobj python3-future
python3-josepy python3-mock python3-parsedatetime python3-pbr
python3-requests-toolbelt python3-rfc3339 python3-tz python3-zope.component
python3-zope.event python3-zope.hookable python3-zope.interface
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
pi@raspberrypi:~ $ sudo apt-get autoremove
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages will be REMOVED:
augeas-lenses libaugeas0 python-pyicu python3-acme python3-augeas
python3-certbot python3-configargparse python3-configobj python3-future
python3-josepy python3-mock python3-parsedatetime python3-pbr
python3-requests-toolbelt python3-rfc3339 python3-tz python3-zope.component
python3-zope.event python3-zope.hookable python3-zope.interface
0 upgraded, 0 newly installed, 20 to remove and 0 not upgraded.
After this operation, 9,178 kB disk space will be freed.
Do you want to continue? [Y/n] y
(Reading database ... 123342 files and directories currently installed.)
Removing python3-augeas (0.5.0-1) ...
Removing libaugeas0:armhf (1.11.0-3) ...
Removing augeas-lenses (1.11.0-3) ...
Removing python-pyicu (2.2-2) ...
Removing python3-certbot (0.31.0-1+deb10u1) ...
Removing python3-acme (0.31.0-2) ...
Removing python3-configargparse (0.13.0-1) ...
Removing python3-configobj (5.0.6-3) ...
Removing python3-parsedatetime (2.4-2) ...
Removing python3-future (0.16.0-1) ...
Removing python3-josepy (1.1.0-2) ...
Removing python3-mock (2.0.0-4) ...
Removing python3-pbr (4.2.0-5) ...
Removing python3-requests-toolbelt (0.8.0-1) ...
Removing python3-rfc3339 (1.1-1) ...
Removing python3-tz (2019.1-1) ...
Removing python3-zope.component (4.3.0-1) ...
Removing python3-zope.event (4.2.0-1) ...
Removing python3-zope.hookable (4.0.4-4+b3) ...
Removing python3-zope.interface (4.3.2-1+b2) ...
Processing triggers for libc-bin (2.28-10+rpt2+rpi1+deb10u2) ...
pi@raspberrypi:~ $ sudo snap install --classic certbot
snap "certbot" is already installed, see 'snap help refresh'
pi@raspberrypi:~ $

it looks fine. you installed it before.

3 Likes

OK, moving on, when it asks for the domain name do I put footie.ddns.net or footie.ddns.net:93 ? Thank you

Just remember to do the symbolic link-creation step for /usr/bin/certbot again.

Just footie.ddns.net without the port.

Also, please note that your website is reported as containing harmful content by Google:

https://transparencyreport.google.com/safe-browsing/search?url=footie.ddns.net

3 Likes

I did do the link creation again and it worked but!!!
Some challenges have failed.
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.

Yes,that why I am trying to install SSL to stop this

2023-08-04 15:58:08,063:DEBUG:urllib3.connectionpool:http://localhost:None "GET$
2023-08-04 15:58:09,531:DEBUG:certbot._internal.main:certbot version: 2.6.0
2023-08-04 15:58:09,532:DEBUG:certbot._internal.main:Location of certbot entry $
2023-08-04 15:58:09,532:DEBUG:certbot._internal.main:Arguments: ['--apache', '-$
2023-08-04 15:58:09,533:DEBUG:certbot._internal.main:Discovered plugins: Plugin$
2023-08-04 15:58:09,606:DEBUG:certbot._internal.log:Root logging level set at 30
2023-08-04 15:58:09,609:DEBUG:certbot._internal.plugins.selection:Requested aut$
2023-08-04 15:58:09,894:DEBUG:certbot_apache._internal.configurator:Apache vers$
2023-08-04 15:58:10,799:DEBUG:certbot._internal.plugins.selection:Single candid$
Description: Apache Web Server plugin
Interfaces: Authenticator, Installer, Plugin
Entry point: apache = certbot_apache._internal.entrypoint:ENTRYPOINT
Initialized: <certbot_apache._internal.override_debian.DebianConfigurator objec$
Prep: True
2023-08-04 15:58:10,801:DEBUG:certbot._internal.plugins.selection:Selected auth$
2023-08-04 15:58:10,802:INFO:certbot._internal.plugins.selection:Plugins select$
2023-08-04 15:58:10,872:DEBUG:certbot._internal.main:Picked account: <Account(R$
2023-08-04 15:58:10,875:DEBUG:acme.client:Sending GET request to https://acme-v$
2023-08-04 15:58:10,883:DEBUG:urllib3.connectionpool:Starting new HTTPS connect$
2023-08-04 15:58:11,353:DEBUG:urllib3.connectionpool:https://acme-v02.api.letse$
2023-08-04 15:58:11,356:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Fri, 04 Aug 2023 14:58:11 GMT
Content-Type: application/json
Content-Length: 752
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
"5mAncaJ43hI": "https://community.letsencrypt.org/t/adding-random-entries-to-$
"keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
"meta": {
"caaIdentities": [

A certificate won't matter for Google Safe Browsing.

2 Likes

it should've told you a lot more than this

4 Likes

Im panicking here...my site must have been hacked...how do I find what the problem is...

is your port 22 reachable from the internet, and are you still using "raspberry" as a password?

If so, turn everything off and start anew with another sdcard.

3 Likes

i dont use password raspberry and not sure how to check if paort 22 is available from the network. I just tried to connect to my public ip address with port 22 from a browser and it says site cant be reached which must be good ??