No Private Key Generated

paulrobinsontkd · May 3, 2019, 4:59pm

I am trying to configure a reverse proxy using Nginx hosted on my QNAP NAS. I have downloaded qnap-letsencrypt scripts which seem to download the certificates without any errors and generates

letsencrypt/signed.crt
letsencrypt/intermediate.pem
letsencrypt/chained.pem

Looking at the instructions to configure SSL on Nginx i need to provided the following

ssl_certificate www.example.com.crt ;
ssl_certificate_key www.example.com.key ;

The issue i have is i don’t seem to have a private key within the output directory letsencrypt

I assume ssl_certificate will be the signed.crt but what do i use for the private key as i do not have this file.

Apologies as I have not setup Nginx or SSL before so this is new to me

My domain is:
prcomputers.co.uk

I ran this command:

./renew_certificates

It produced this output:

[/share/CACHEDEV1_DATA/.qpkg/qnap-letsencrypt] # ./renew_certificate.sh
Checking whether to renew certificate on Thu, 02 May 2019 14:56:06 +0000
Renewing certificate…
Stopping Qthttpd hogging port 80…
Shutting down Qthttpd services: OK.
Started python HTTP server with pid 29324
Parsing account key…
Parsing CSR…
Found domains: prcomputers.co.uk
Getting directory…
Directory found!
Registering account…
Already registered!
Creating new order…
Order created!
Verifying prcomputers.co.uk…
80.229.152.50 - - [02/May/2019 14:56:22] “GET /.well-known/acme-challenge/GX73NBTBXLgXaLYqpqqjwN-WYjwUhocb7C1tygGwJFk HTTP/1.1” 200 -
prcomputers.co.uk verified!
Signing certificate…
Certificate signed!
Downloading intermediate certificate…
2019-05-02 14:56:24 URL:https://letsencrypt.org/certs/lets-encrypt-x3-cross-signed.pem [1647/1647] -> “-” [1]
Stopping stunnel and setting new stunnel certificates…
Shutting down apache proxy: OK
Done! Service startup and cleanup will follow now…
An error occured. Restoring system state.
./renew_certificate.sh: line 6: 29324 Killed “$(/sbin/getcfg Python Install_Path -f /etc/config/qpkg.conf)/src/bin/python2” …/HTTPServer.py (wd: /share/CACHEDEV1_DATA/.qpkg/qnap-letsencrypt/tmp-webroot)
Start apache proxy: OK
Starting Qthttpd services: Qthttpd.

My web server is (include version):

NginX

The operating system my web server runs on is (include version):

qnap linux

I can login to a root shell on my machine (yes or no, or I don’t know):

Yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

not hosting website only configuring reverse proxy

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

qnap-letsencrypt

Thanks

Paul

JuergenAuer · May 3, 2019, 6:42pm

Hi @paulrobinsontkd

searching there are some samples how to use that script.

There is a shell script included.

With an OpenSSL command.

openssl req -new -sha256 -key keys/domain.key -subj "/" -reqexts SAN -config openssl-csr-config.cnf > domain.csr

Perhaps you have used such a command.

Then the subdirectory key has the private key "domain.key".

paulrobinsontkd · May 6, 2019, 3:57pm

JuergenAuer,

Thanks, yes i can confirm i have the domain.key so will amend my reverse proxy to use that.

Paul

system · June 5, 2019, 3:57pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
QNAP ssl certificate for web server, not myQNAP cloud Help	11	1062	February 29, 2024
How to migrate manually setup letsencrypt to either nginx or CNAME challenge? Server	2	2453	May 2, 2018
Problem with generate cert Help	4	1226	January 12, 2017
Can't install new certificate Help	14	1987	July 1, 2020
Ssl on my qnap 4.2.6 Help	3	3718	July 12, 2019

No Private Key Generated

Related topics