Ports open but not seen by certbot

Help
41

I did a quick look (TDS right?) and did not see anything obvious. Except that your IP is dynamic and you need a business account for static IP. Do you have a bus grade account?

They also have Hacker Protect service. If you have that maybe it is too aggressive?

3 Likes
42

Who would protect Hackers!?!?!?
LOL

3 Likes
43

Good one! Actually, it's Hacker Alert (not sure that's better)

3 Likes
44

I do not have a bus grade account, and I also don't have this "hacker protect/alert" service lol

1 Like
45

Please:

3 Likes
46

oh sorry,
the hardware is a Raspberry Pi 3 connected to the internet via ethernet to my router
I am using ssh to connect to the server (and this site) from a windows 10 desktop

1 Like
47

From Win10, show:
http://192.168.4.60/

1 Like
48

matrix
matrix574×563 10.6 KB

2 Likes
49

OK
So "the problem" is not in the Pi.

3 Likes
50

On Pi, show:
find / -name snakeoil*

1 Like
51

find / -name snakeoil*
/etc/nginx/snippets/snakeoil.conf

52 
# Self signed certificates generated by the ssl-cert package
# Don't use them in a production server!

ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
54

Update this file to this:

# configuration file /etc/nginx/sites-enabled/matrix.corkboard.wtf:

server { #HTTP
  server_name matrix.corkboard.wtf;
  location ^/(?!\.well-known) {            # skip challenge requests
    return 301 https://$host$request_uri;  # send all requests to HTTPS
  }# location
  root /new/dedicated/challenge/path;      # path for challenge requests
}

server { #HTTPS
	listen 443;
        server_name matrix.corkboard.wtf;
        location / {
                proxy_pass http://localhost:8008;
        }
  ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
  ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

  #ssl_certificate     /etc/letsencrypt/live/matrix.corkboard.wtf/fullchain.pem;
  #ssl_certificate_key /etc/letsencrypt/live/matrix.corkboard.wtf/privkey.pem;
}
1 Like
55

NOTE:
/new/dedicated/challenge/path
is something you need to create (and change to a real path)

1 Like
56

ok, ive done that

1 Like
57

nginx is now giving errors

2022/04/26 03:28:55 [emerg] 9518#9518: cannot load certificate "/etc/ssl/certs/ssl-cert-snakeoil.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/ssl/certs/ssl-cert-snakeoil.pem, r) error:10000080:BIO routines::no such file)
ubuntu@ubuntu:~$ sudo nginx
nginx: [emerg] cannot load certificate "/etc/ssl/certs/ssl-cert-snakeoil.pem": BIO_new_file() failed (SSL: error:80000002:system library::No such file or directory:calling fopen(/etc/ssl/certs/ssl-cert-snakeoil.pem, r) error:10000080:BIO routines::no such file)
58

OK, just rem out those two line:

  #ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
  #ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
1 Like
59

Lines have been removed, what should I do now?

60

restart nginx

1 Like
61

It has been done