[OSX Server] Enable LE for home server with dyndns host

Server
1

Hello everyone,

After days brooding over how to enable LE for my server, I finally reach out to the community for help as I seem to have exceptionally failed :rofl:

First things first, if I am fairly computer savvy I am quite the beginner in anything related to server set-up and management, so please bear with me. :cold_sweat:

I have installed the overly disparaged macOS server 5.5 (High Sierra) since I need a cheap, allegedly easy way to set up a private server with a few services. In order to have a remote access to my server I use a free dyndns hostname. After a lengthy process to get to the right settings to access the services online, I have come to understand SSL certificates - or the lack thereof - were key to ensure reliable remote access as auto-certification could generate issue with services like webdav or vpn.

I have then tried to install LE on the server following the various guidelines notably available here.
I have successfully come to the point where the following folders are created:
~/letsencrypt
/etc/letsencrypt

I then followed the guide on Certbot to try to issue and recuperate the certificates. This is where I hit the wall. I relentlessly get the error message: ā€œProblem binding to port 80: Could not bind to IPv4 or IPv6.ā€

Any comment/input would be greatly appreciated at this pointā€¦

Thanks in advance for taking the time to consider my issue.
Best,

Chris

2

Do you have a web server running already on your server, on port 80?

That error would indicate that you used Certbot in standalone mode.

If you already have a web server running, you should run Certbot in webroot mode instead, as described in that article.

3

Thanks @_az for taking the time to reply! Greatly appreciated :blush:

This is where I reach my limits and I am not sure I understand the whole issue very well.

I do have a server but I forwarded the ports so it should not run on port 80. I tried to close the server app anyway but the result was the same. When I ran the command on the terminal sudo lsof -i :80 to see where something is listening and indeed I get server PIDS pointing to apacheā€¦ but as I said, I am not sure what to do from there.

4

In this case you need to stop Apache first.
Then run the program again.(certbot)

(If you see an output in sudo lsof -8 :80. It means the program is still binding your port, hense certbot produced that error message)

Thank you

5

Thanks @stevenzhu!
It seems I have a problem with my Apache configuration. I tried to run cerbot as root and I had an error message (Error while running apachectl configtest.) A few logs ending with :
Syntax error on line 23 of /private/etc/apache2/other/httpd_webdavsharing.conf:\nPort must be specified\nā€™,)

Any idea?

6

Hi,

Can you share the config file? should start like this:
<VirtualHost *: 8079> (if using port 8079)

Thank you

7

Which config file? I have screened Apache/VitualHost config file and a bunch of plist but I canā€™t seem to find what you refer to. :cold_sweat:

8

This one

/private/etc/apache2/other/httpd_webdavsharing.conf

9

Thanks for you patience @stevenzhu
The line <VirtualHost *: 8079> is not there.
There is a bunch of RewriteCond, otherwise the RewriteRule points to port 81$1 (!) and the ProxyPassReserve to Port 81. It does not look promisingā€¦

10

Hi,

Can you share the output of command
apachectl -S

Thank you.

11

It returns: Command not found

12

you must create a fake network interface and map the macOS services on that interface, so you can use port 80 on your main interface. Few macOS services are using at default port 80 and 443

Tell me, if you need a ā€œHowToā€ for that

13

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.