Good Evening All,
I do sincerely apologise that you're going to see another request for help with renewal of certificates, but a gander through the search and many googles later, I am not sure how to proceed further.
I'm self hosting Owncloud on a Raspberry Pi.
VERSION="10 (buster)"
I'm running with Apache2
It's accessible on ports 80 and 443 at http://foxcloud.kitmyth.net (auto redirects to https://foxcloud.kitmyth.net/index.php/login) or you can enter https://foxcloud.kitmyth.net if you want to.
I have full access to my Pi and the installation of Owncloud as needed through the terminal
I had Let's Encrypt working thanks to the following Owncloud documentation
https://doc.owncloud.com/server/next/admin_manual/installation/letsencrypt/using_letsencrypt.html
And as you can see, based on the certificate, it had a nice active certificate generated which has just expired (12th Dec 2021)
My auto renewal didn't work and I realised it was expired when the Owncloud app complained about Cert errors.
So, my domain is:
When I run command:
sudo /etc/letsencrypt/foxcloud.kitmyth.net.sh
I am prompted for my webroot, of which I enter:
/var/www/html/owncloud/
To which I get the following result:
Waiting for verification...
Cleaning up challenges
Running post-hook command: service apache2 reload
Failed authorization procedure. foxcloud.kitmyth.net (http-01): urn:ietf:params:acme:error:unauthorized :: The client lacks sufficient authorization :: Invalid response from http://foxcloud.kitmyth.net/.well-known/acme-challenge/4OxQcnxt6RPC2x2QfixAW3EK4MKG9By07wIC_4ZL31s [84.71.199.22]: "\n<html class="ng-csp" data-placeholder-focus="false" lang="en" >\n\t<head data-requesttoken="XnMLJEMTLB9eChMgYwAObA"
IMPORTANT NOTES:
-
The following errors were reported by the server:
Domain: foxcloud.kitmyth.net
Type: unauthorized
Detail: Invalid response from
http://foxcloud.kitmyth.net/.well-known/acme-challenge/4OxQcnxt6RPC2x2QfixAW3EK4MKG9By07wIC_4ZL31s
[84.71.199.22]: "\n<html class="ng-csp"
data-placeholder-focus="false" lang="en" >\n\t<head
data-requesttoken="XnMLJEMTLB9eChMgYwAObA"To fix these errors, please make sure that your domain name was
entered correctly and the DNS A/AAAA record(s) for that domain
contain(s) the right IP address.
The above was when I tested disabling the https redirect. When it's enabled, the error is the same, but refers to a https url instead.
I have the following directory structure with an appropriate text file in the acme-challenge directory:
pi@habitatring:/etc/apache2/sites-available $ ls -lsh /var/www/html/owncloud/.well-known/acme-challenge/
total 4.0K
0 -rwxr-xr-x 1 www-data www-data 0 May 15 2021 1234
4.0K -rw-r--r-- 1 www-data www-data 24 Dec 13 21:18 test.text
But when I attempt to access said file from my browser, I get an Owncloud response that the file is not found.
The version of Certbot shows as:
certbot 0.31.0
I have access to my /var/log/letsencrypt.log if that is any help?
I recall I had problems with it working the first time, if I recall I had to open port 80 on the firewall to my Pi for the first issue to work, however, this is no longer the case it seems.
I have the following virtual host configuration under
/etc/apache2/sites-avaialble/
"000-default.conf"
<VirtualHost *:80>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
ServerName foxcloud.kitmyth.net
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html/owncloud
Redirect permanent / https://foxcloud.kitmyth.net/owncloud/
Alias /.well-known/acme-challenge/ /var/www/html/owncloud/.well-known/acme-challenge/
<Directory "/var/www/html/owncloud/.well-known/acme-challenge/">
Options None
AllowOverride None
ForceType text/plain
RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
</Directory>
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
"owncloud.conf"
Alias /owncloud "/var/www/html/owncloud/"
<Directory /var/www/html/owncloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/html/owncloud
SetEnv HTTP_HOME /var/www/html/owncloud
#Redirect permanent / https://foxcloud.kitmyth.net/
</Directory>
With Kindest Regards,