I am new to this and may have tried too many times, as I was getting several errors until I sorted out the firewall; I was not aware that I required the appliance to be accessible from outside.
We already have our own wildcard certificate, but would like to use Let's Encrypt for this server.
Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=cfts.co), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
OK, I may have found the issue. It looks like Debian (stretch) does not support python-virtualenv, and there seems to be no way that I can find (keep in mind that I'm unfamiliar with Debian) to make it support it.
It seems ownCloud Let's Encrypt cannot be used with the current version of ownCloud, as when certbot-auto is run I get the following:
Package python-virtualenv is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package 'python-virtualenv' has no installation candidate
apt-get update does not solve the issue, and when I run apt-cache search python-virtualenv a null result is returned.
It seems my issues may be with the ownCloud VM. I will do a fresh VM using CentOS; I'm really not very familiar with Debian, and it seems the documentation for ownCloud is also not aimed at Debian.
Edit: @_az you were right about port 80. I forgot we have 2 firewalls, edge and internal; my bad, I forgot the internal one. I really feel silly.
However, it seems the site is still insecure even though the certificate is clearly present.
The main issue was the firewall: both port 80 and 443 needed to be exposed to the outside world in order for Let's Encrypt to do its thing.
Note: hone your cert skills on the staging environment first! Avoid all the delays.
In order to get the HTTP to HTTPS redirect working correctly, I created a .htaccess file in the /var/www directory (the root of my ownCloud installation):
##### HTTP to HTTPS redirection
## Since you have enabled HSTS the first redirection rule will instruct the browser to visit the HTTPS version of your
## site, this prevents unsafe redirections through HTTP.
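## Enable mod_rewrite here; the rules below are ignored unless it is already on for this directory.
RewriteEngine On
## Redirect when the request is plain HTTP, or when a proxy in front reports that it arrived as HTTP.
RewriteCond %{HTTPS} !=on [OR]
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]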
## HSTS Header - See http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS
</IfModule>
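
A way to confirm the redirect and HSTS rules above behave as intended, added here as an example and not part of the original posts. The function names and the host cloud.example.com are hypothetical, and the sample responses are constructed; because the rule builds the redirect from the request's Host header, the check also confirms the Location stays on the expected host.

```shell
#!/bin/sh
# Added example, not from the original post. Sample headers are constructed;
# for a live check pass "$(curl -sI http://HOST/)" instead.

# header_value NAME HEADERS: first matching header value, case-insensitive.
header_value() {
    printf '%s\n' "$2" | tr -d '\r' | awk -v name="$1" '
        BEGIN { name = tolower(name) ":" }
        tolower(substr($0, 1, length(name))) == name {
            v = substr($0, length(name) + 1)
            sub(/^[ \t]+/, "", v); print v; exit
        }'
}

# check_redirect HOST HEADERS: is it a 301 to https:// on the same host?
check_redirect() {
    code=$(printf '%s\n' "$2" | tr -d '\r' | awk 'NR == 1 { print $2 }')
    loc=$(header_value Location "$2")
    [ "$code" = "301" ] || { echo "status $code, expected 301"; return 1; }
    case "$loc" in
        "https://$1"|"https://$1/"*) echo ok ;;
        https://*) echo "redirects to another host: $loc"; return 1 ;;
        *) echo "redirect is not https: $loc"; return 1 ;;
    esac
}

# check_hsts MIN_SECONDS HEADERS: is HSTS present with max-age >= MIN_SECONDS?
check_hsts() {
    hsts=$(header_value Strict-Transport-Security "$2")
    [ -n "$hsts" ] || { echo "no HSTS header"; return 1; }
    age=$(printf '%s' "$hsts" | tr 'A-Z' 'a-z' | sed -n 's/.*max-age="\{0,1\}\([0-9][0-9]*\).*/\1/p')
    [ -n "$age" ] || { echo "HSTS header has no max-age"; return 1; }
    [ "$age" -ge "$1" ] || { echo "max-age $age is below $1"; return 1; }
    echo ok
}

HTTP_SAMPLE='HTTP/1.1 301 Moved Permanently
Location: https://cloud.example.com/index.php
'
HTTPS_SAMPLE='HTTP/1.1 200 OK
strict-transport-security: max-age=31536000
'
BAD_HOST_SAMPLE='HTTP/1.1 301 Moved Permanently
Location: https://other.example.net/
'

check_redirect cloud.example.com "$HTTP_SAMPLE"
check_hsts 31536000 "$HTTPS_SAMPLE"
check_redirect cloud.example.com "$BAD_HOST_SAMPLE" || true
```

Because the header is set with env=HTTPS, run check_hsts against the HTTPS response; the plain-HTTP 301 is not expected to carry it.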