Nginx Server Cert via Certbot output the Cert from OPNSense

My domain is: cloud.itdarmstadt.de

I ran this command:
`sudo certbot --nginx -d cloud.itdarmstadt.de`

It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Certificate not yet due for renewal

You have an existing certificate that has exactly the same domains or certificate name you requested and isn't close to expiry.
(ref: /etc/letsencrypt/renewal/cloud.itdarmstadt.de.conf)

What would you like to do?


1: Attempt to reinstall this existing certificate
2: Renew & replace the certificate (may be subject to CA rate limits)


Select the appropriate number [1-2] then [enter] (press 'c' to cancel): 2
Renewing an existing certificate for cloud.itdarmstadt.de

Successfully received certificate.
Certificate is saved at: /etc/letsencrypt/live/cloud.itdarmstadt.de/fullchain.pem
Key is saved at: /etc/letsencrypt/live/cloud.itdarmstadt.de/privkey.pem
This certificate expires on 2025-06-06.
These files will be updated when the certificate renews.

Deploying certificate
Successfully deployed certificate for cloud.itdarmstadt.de to /etc/nginx/conf.d/nextcloud.conf
Your existing certificate has been successfully renewed, and the new certificate has been installed.

NEXT STEPS:

  • The certificate will need to be renewed before it expires. Certbot can automatically renew the certificate in the background, but you may need to take steps to enable that functionality. See User Guide — Certbot 4.0.0.dev0 documentation for instructions.

My web server is (include version):
newest

The operating system my web server runs on is (include version):
Debian

My hosting provider, if applicable, is:
selfhosting in Server housing

I can login to a root shell on my machine (yes or no, or I don't know):
yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel):
only Proxmox and OPNSense

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):
3.2.0

....

The problem is: when I generate a cert via certbot, Certbot puts it in its folder and in the nginx config. That seems right.

But when I try to connect, I get an error, because my firewall cert is put on my cloud.itdarmstadt.de domain?

My friend and I tried to fix it with openssl, but the cert is expired and I want an automatic solution.
Our old one:

`echo | openssl s_client -connect cloud.itdarmstadt.de:443 -servername cloud.itdarmstadt.de 2>/dev/null | openssl x509 -outform PEM > server-cert.pem`

`echo | openssl s_client -connect cloud.itdarmstadt.de:443 -servername cloud.itdarmstadt.de 2>/dev/null | openssl x509 -outform PEM > /usr/local/share/ca-certificates/example-cert.crt`

`sudo update-ca-certificates`

.....


Maybe someone had the same problem before and can help me with certbot.

My network is working via NAT.

ISP > PROXMOX Bridge "WAN" > OPNSense via NAT > PROXMOX Bridge "DMZ" > LXC Cloud Server

OPNSense is installed via a closed VM.

If you need settings or something else, please tell me.

Thank you

Okay, now it's working fine. What the hell. I think my DNS cache was not on the new stuff.

But does someone know what it was?
So maybe I learn something out of it ^^.

Possibly a browser cache.

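An added example, not part of the thread: one way to tell whether the certificate a client receives for the domain is the one Certbot wrote to disk or a different one (such as the firewall's own), by comparing SHA-256 fingerprints over two network paths. The function names and the direct address `192.0.2.10` are assumptions for illustration; the domain and file path are the ones shown in the post.

```python
import hashlib
import socket
import ssl

HEADER = "-----BEGIN CERTIFICATE-----"
FOOTER = "-----END CERTIFICATE-----"

def fingerprint(pem: str) -> str:
    """SHA-256 of the first (leaf) certificate in a PEM string such as fullchain.pem."""
    start = pem.index(HEADER)
    end = pem.index(FOOTER, start) + len(FOOTER)
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem[start:end])).hexdigest()

def served_cert_pem(host, port=443, connect_to=None, timeout=5.0):
    """Fetch the leaf certificate presented for SNI name `host`.

    connect_to: optional address to dial instead of resolving `host`,
    so the same name can be checked on more than one network path.
    """
    ctx = ssl.create_default_context()
    # Validation is off on purpose: the goal is to inspect whatever is
    # presented, including an untrusted or expired certificate.
    ctx.check_hostname = False  # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((connect_to or host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return ssl.DER_cert_to_PEM_cert(tls.getpeercert(binary_form=True))

def compare(disk_pem: str, served_pem: str) -> dict:
    """Compare the leaf on disk with the leaf seen on the wire."""
    on_disk, on_wire = fingerprint(disk_pem), fingerprint(served_pem)
    return {"on_disk": on_disk, "on_wire": on_wire, "same": on_disk == on_wire}

if __name__ == "__main__":
    domain = "cloud.itdarmstadt.de"
    with open(f"/etc/letsencrypt/live/{domain}/fullchain.pem") as fh:
        disk = fh.read()
    # Path 1: the name as clients resolve it (through the firewall's NAT).
    # Path 2: straight to the nginx host; 192.0.2.10 is a placeholder address.
    for label, target in (("via public name", None), ("direct to nginx", "192.0.2.10")):
        try:
            result = compare(disk, served_cert_pem(domain, connect_to=target))
            print(label, "MATCH" if result["same"] else "MISMATCH", result["on_wire"])
        except OSError as exc:
            print(label, "connection failed:", exc)
```

A match on the direct path with a mismatch on the public path means nginx is serving the new certificate and something in front of it is answering port 443 instead; a mismatch on both paths points at nginx still using an old file or not having been reloaded.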