SSL in windows for subdomain name , A record dns

Help
1

My domain is: webinar.Processing: letsencrypt.log.4...

I ran this command:
certbot certonly
certbot certonly --webroot
certbot certonly --standalone

It produced this output:
certbot.errors.StandaloneBindError: Problem binding to port 80: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions
2021-08-30 18:13:32,246:ERROR:certbot._internal.log:Problem binding to port 80: [WinError 10013] An attempt was made to access a socket in a way forbidden by

My web server is (include version): OpenLiteSpeed in Cyberpanel

The operating system my web server runs on is (include version):Ubuntu 20.04

My hosting provider, if applicable, is:Exclusive server of our company

I can login to a root shell on my machine (yes or no, or I don't know): Yes

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): CyberPanel

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot):certbot 1.18.0

I have Server HP G10+ and with ESXI I crated virtualization , I have Cyberpanel latest version on Ubuntu server 20.04 and this control panel have Powerful DNS manager , now I crated some A record with static IP address and I need crate certificate to put it on my windows to run specific service with SSL ,
First of all I got many error in using certbot , Second I need SSL auto renew

This is my log file :

2021-08-30 18:13:25,307:DEBUG:certbot._internal.main:certbot version: 1.18.0
2021-08-30 18:13:25,308:DEBUG:certbot._internal.main:Location of certbot entry point: C:\Program Files (x86)\Certbot\bin\certbot.exe
2021-08-30 18:13:25,308:DEBUG:certbot._internal.main:Arguments: ['--standalone', '--preconfigured-renewal']
2021-08-30 18:13:25,308:DEBUG:certbot._internal.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2021-08-30 18:13:25,398:DEBUG:certbot._internal.log:Root logging level set at 30
2021-08-30 18:13:25,412:DEBUG:certbot._internal.plugins.selection:Requested authenticator standalone and installer None
2021-08-30 18:13:25,420:DEBUG:certbot._internal.plugins.selection:Single candidate plugin: * standalone
Description: Spin up a temporary webserver
Interfaces: Authenticator, Plugin
Entry point: standalone = certbot._internal.plugins.standalone:Authenticator
Initialized: <certbot._internal.plugins.standalone.Authenticator object at 0x0420DE20>
Prep: True
2021-08-30 18:13:25,421:DEBUG:certbot._internal.plugins.selection:Selected authenticator <certbot._internal.plugins.standalone.Authenticator object at 0x0420DE20> and installer None
2021-08-30 18:13:25,421:INFO:certbot._internal.plugins.selection:Plugins selected: Authenticator standalone, Installer None
2021-08-30 18:13:25,504:DEBUG:certbot._internal.main:Picked account: <Account(RegistrationResource(body=Registration(key=None, contact=(), agreement=None, status=None, terms_of_service_agreed=None, only_return_existing=None, external_account_binding=None), uri='https://acme-v02.api.letsencrypt.org/acme/acct/179101570', new_authzr_uri=None, terms_of_service=None), b7ac3053a47d244238ac5dd857fc3d2a, Meta(creation_dt=datetime.datetime(2021, 8, 28, 11, 23, 10, tzinfo=<UTC>), creation_host='lms', register_to_eff='farzan1984@hotmail.com'))>
2021-08-30 18:13:25,509:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2021-08-30 18:13:25,520:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2021-08-30 18:13:26,371:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2021-08-30 18:13:26,372:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Aug 2021 13:43:26 GMT
Content-Type: application/json
Content-Length: 658
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "IKE-Im_fE2k": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2021-08-30 18:13:26,373:DEBUG:certbot.display.ops:No installer, picking names manually
2021-08-30 18:13:31,124:DEBUG:certbot._internal.display.obj:Notifying user: Requesting a certificate for webinar.istanbulbama-divar.ir
2021-08-30 18:13:31,392:DEBUG:certbot.crypto_util:Generating RSA key (2048 bits): C:\Certbot\keys\0006_key-certbot.pem
2021-08-30 18:13:31,427:DEBUG:certbot.crypto_util:Creating CSR: C:\Certbot\csr\0006_csr-certbot.pem
2021-08-30 18:13:31,429:DEBUG:acme.client:Requesting fresh nonce
2021-08-30 18:13:31,429:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2021-08-30 18:13:31,641:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2021-08-30 18:13:31,642:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Aug 2021 13:43:31 GMT
Connection: keep-alive
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 0101sWxtrIyiJk7NiMOS0wQTaPQcb99iaOpWJfOlv3jQ9h8
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800


2021-08-30 18:13:31,643:DEBUG:acme.client:Storing nonce: 0101sWxtrIyiJk7NiMOS0wQTaPQcb99iaOpWJfOlv3jQ9h8
2021-08-30 18:13:31,643:DEBUG:acme.client:JWS payload:
b'{\n  "identifiers": [\n    {\n      "type": "dns",\n      "value": "webinar.istanbulbama-divar.ir"\n    }\n  ]\n}'
2021-08-30 18:13:31,660:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTc5MTAxNTcwIiwgIm5vbmNlIjogIjAxMDFzV3h0ckl5aUprN05pTU9TMHdRVGFQUWNiOTlpYU9wV0pmT2x2M2pROWg4IiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIifQ",
  "signature": "jx5ieFUS8wdnOVyAAKt63C3k0ol2XDBDOBuz9X79f1RiGRsWcltu0HEvdOvWdmw55FglJaIzms2d-zdoNpuGY6qmmy4xGuQP1SxDDYyGzJAzJAbp2_LFlCo3oh-x3yY-gpodIp4P3fJbJBq70UB4YKnTP9gzqIty0KGmx6R_j1CkTEIL30V9tVlOnX49Ltg1t7g7vwG3K4PjS0hRNAyfyom9jouQjg9vRoQegUeAKEv7GhGnc0TUyY1ZPDLIegNrZqol9mnM9YbRbakWIXZGIIJg9vUUiFWkqqh5mLIR4pPVVePOfzKYKFT2vtDWqRaP2qefHQ-5XSQp4IZgOveYKg",
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwKICAgICAgInZhbHVlIjogIndlYmluYXIuaWNmLmlyIgogICAgfQogIF0KfQ"
}
2021-08-30 18:13:31,937:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 337
2021-08-30 18:13:31,939:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Date: Mon, 30 Aug 2021 13:43:31 GMT
Content-Type: application/json
Content-Length: 337
Connection: keep-alive
Boulder-Requester: 179101570
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/179101570/20731099850
Replay-Nonce: 0101Pw51BzkqeFV1PAjEnMlrjCzn3CzM4Be7xFG1FuK1woU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "status": "pending",
  "expires": "2021-09-06T13:26:11Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "webinar.istanbulbama-divar.ir"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz-v3/26448153800"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/179101570/20731099850"
}
2021-08-30 18:13:31,939:DEBUG:acme.client:Storing nonce: 0101Pw51BzkqeFV1PAjEnMlrjCzn3CzM4Be7xFG1FuK1woU
2021-08-30 18:13:31,940:DEBUG:acme.client:JWS payload:
b''
2021-08-30 18:13:31,955:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz-v3/26448153800:
{
  "protected": "eyJhbGciOiAiUlMyNTYiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvMTc5MTAxNTcwIiwgIm5vbmNlIjogIjAxMDFQdzUxQnprcWVGVjFQQWpFbk1scmpDem4zQ3pNNEJlN3hGRzFGdUsxd29VIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei12My8yNjQ0ODE1MzgwMCJ9",
  "signature": "PjFbbockXv_7jXXg5JN1Ri6b3CnJ_dNRdT5mdm6rAQRA_RDMnjRkl2s2ItaWc-xNggYc0tQH45LnCOgavHeTQqiMCiKJzo3pdkswdQNXjFpTyGi_iOU25lwX5wZXuQugKAxwCJ8zBIMpaH4PeJOLR1fgBtwUM6vFa_KELNijFJvY0abkuXM1xzCvFV3yOAcj5ArkUF9W5adFa4IzBb2k945KGAa2J1YnLHSMlnC1MsE0cOIIE28R8nvqRXacOU79Y3I4-MP-9NTJWdXVLZpBN3UtfDTXIaIC2K0qFRdsxWsja0khShlAS7a-RayJG0Ghev3QSF30iU9R7jUfM3oWXg",
  "payload": ""
}
2021-08-30 18:13:32,230:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz-v3/26448153800 HTTP/1.1" 200 795
2021-08-30 18:13:32,231:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Date: Mon, 30 Aug 2021 13:43:32 GMT
Content-Type: application/json
Content-Length: 795
Connection: keep-alive
Boulder-Requester: 179101570
Cache-Control: public, max-age=0, no-cache
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: 010226y0CwAD7PWQgbpPUr0dOe6-nbx2d_q9MxnpRbN37Kc
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800

{
  "identifier": {
    "type": "dns",
    "value": "webinar.istanbulbama-divar.ir"
  },
  "status": "pending",
  "expires": "2021-09-06T13:26:11Z",
  "challenges": [
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/26448153800/A68MKQ",
      "token": "iN5P2AE4AvvjLmct7PQhZnEv5o-cOZKo-38-tA3hM-8"
    },
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/26448153800/6HhqwA",
      "token": "iN5P2AE4AvvjLmct7PQhZnEv5o-cOZKo-38-tA3hM-8"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/chall-v3/26448153800/TL7W2Q",
      "token": "iN5P2AE4AvvjLmct7PQhZnEv5o-cOZKo-38-tA3hM-8"
    }
  ]
}
2021-08-30 18:13:32,232:DEBUG:acme.client:Storing nonce: 010226y0CwAD7PWQgbpPUr0dOe6-nbx2d_q9MxnpRbN37Kc
2021-08-30 18:13:32,233:INFO:certbot._internal.auth_handler:Performing the following challenges:
2021-08-30 18:13:32,233:INFO:certbot._internal.auth_handler:http-01 challenge for webinar.istanbulbama-divar.ir
2021-08-30 18:13:32,234:DEBUG:acme.standalone:Failed to bind to :80 using IPv6
2021-08-30 18:13:32,235:DEBUG:acme.standalone:Failed to bind to :80 using IPv4
2021-08-30 18:13:32,239:DEBUG:certbot._internal.error_handler:Encountered exception:
Traceback (most recent call last):
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 71, in run
    servers = acme_standalone.HTTP01DualNetworkedServers(
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 197, in __init__
    BaseDualNetworkedServers.__init__(self, HTTP01Server, *args, **kwargs)
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 110, in __init__
    raise last_socket_err
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 85, in __init__
    server = ServerClass(*new_args, **kwargs)
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 187, in __init__
    HTTPServer.__init__(
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 180, in __init__
    BaseHTTPServer.HTTPServer.__init__(self, *args, **kwargs)
  File "socketserver.py", line 452, in __init__
  File "http\server.py", line 138, in server_bind
  File "socketserver.py", line 466, in server_bind
OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 153, in perform
    return [self._try_perform_single(achall) for achall in achalls]
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 153, in <listcomp>
    return [self._try_perform_single(achall) for achall in achalls]
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 160, in _try_perform_single
    _handle_perform_error(error)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 213, in _handle_perform_error
    raise error
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 158, in _try_perform_single
    return self._perform_single(achall)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 163, in _perform_single
    servers, response = self._perform_http_01(achall)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 170, in _perform_http_01
    servers = self.servers.run(port, challenges.HTTP01, listenaddr=addr)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 74, in run
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

2021-08-30 18:13:32,239:DEBUG:certbot._internal.error_handler:Calling registered functions
2021-08-30 18:13:32,240:INFO:certbot._internal.auth_handler:Cleaning up challenges
2021-08-30 18:13:32,240:DEBUG:certbot._internal.log:Exiting abnormally:
Traceback (most recent call last):
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 71, in run
    servers = acme_standalone.HTTP01DualNetworkedServers(
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 197, in __init__
    BaseDualNetworkedServers.__init__(self, HTTP01Server, *args, **kwargs)
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 110, in __init__
    raise last_socket_err
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 85, in __init__
    server = ServerClass(*new_args, **kwargs)
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 187, in __init__
    HTTPServer.__init__(
  File "C:\Program Files (x86)\Certbot\pkgs\acme\standalone.py", line 180, in __init__
    BaseHTTPServer.HTTPServer.__init__(self, *args, **kwargs)
  File "socketserver.py", line 452, in __init__
  File "http\server.py", line 138, in server_bind
  File "socketserver.py", line 466, in server_bind
OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "runpy.py", line 194, in _run_module_as_main
  File "runpy.py", line 87, in _run_code
  File "C:\Program Files (x86)\Certbot\bin\certbot.exe\__main__.py", line 29, in <module>
    sys.exit(main())
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\main.py", line 15, in main
    return internal_main.main(cli_args)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\main.py", line 1566, in main
    return config.func(config, plugins)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\main.py", line 1426, in certonly
    lineage = _get_and_save_cert(le_client, config, domains, certname, lineage)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\main.py", line 128, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\client.py", line 456, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\client.py", line 386, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\client.py", line 436, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, self.config, best_effort)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\auth_handler.py", line 70, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 153, in perform
    return [self._try_perform_single(achall) for achall in achalls]
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 153, in <listcomp>
    return [self._try_perform_single(achall) for achall in achalls]
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 160, in _try_perform_single
    _handle_perform_error(error)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 213, in _handle_perform_error
    raise error
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 158, in _try_perform_single
    return self._perform_single(achall)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 163, in _perform_single
    servers, response = self._perform_http_01(achall)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 170, in _perform_http_01
    servers = self.servers.run(port, challenges.HTTP01, listenaddr=addr)
  File "C:\Program Files (x86)\Certbot\pkgs\certbot\_internal\plugins\standalone.py", line 74, in run
    raise errors.StandaloneBindError(error, port)
certbot.errors.StandaloneBindError: Problem binding to port 80: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions
2021-08-30 18:13:32,246:ERROR:certbot._internal.log:Problem binding to port 80: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions
2

Hi @raha, welcome to the LE community forum :slight_smile:

It seems that certbot won't be able to be run in this mode:

As there is already another service using port 80.

The logs file shown only covers that attempt.
So I can't be certain why these attempts have also failed:

That said, I do see a DNS problem with the FQDN webinar.istanbulbama-divar.ir
Your listed authoritative DNS servers:

istanbulbama-divar.ir   nameserver = ns1.flynic.ir
istanbulbama-divar.ir   nameserver = ns2.flynic.ir

are refusing to resolve that domain:

nslookup -q=ns istanbulbama-divar.ir ns1.flynic.ir.
Address:  185.8.173.105
*** UnKnown can't find istanbulbama-divar.ir: Query refused

nslookup -q=ns istanbulbama-divar.ir ns2.flynic.ir.
Address:  185.8.173.105
*** UnKnown can't find istanbulbama-divar.ir: Query refused

Also, both names resolve to only one IP:

Name:    ns1.flynic.ir
Address: 185.8.173.105

Name:    ns2.flynic.ir
Address: 185.8.173.105

[this is NOT good practice]

3

Hello @rg305 and Thanks for your welcome
Also thanks for reply and give me the lid
I stop the port 80 and the command run successfully but at the end I got this :
Certbot has set up a scheduled task to automatically renew this certificate in the background.
and after 3 hours nothing happened .
1-Please tell me why and what should I do?
2-Please tell me if I used the Stunell in my system with the Key of generated by certbot , Is it automatically renew?
Warm Regards ,
Raha

4

Let's have a look at the output of:
certbot certificates

I suspect that you do now have a cert and all that is left is for you to use it in your web service.

5

I should run certbot with "Run ass administrator" command then I stoped all adobe servise and then try to get certificate
now I have the files , but in cmd show me this path :

C:\Certbot\live\mysite\fullchain.pem
C:\Certbot\live\mysite\privkey.pem

and the file is just shortcut of the original files
image
and the original files name is different with the shortcut ,
Now I want to put them in the Stunell , I must use the path I mentioned above or I must enter the correct pat of files?
According that I want to use them in stunell , How could it renew the certificates automatically?

6

Stunel nedd key file

cert = C:\Connect\stunnel\certs\public_certificate_meeting-server.pem
key = C:\Connect\stunnel\certs\private_key_meeting-server.key

When the process of Certbot was finished , I couldn't find the key files.
Where is it?

7

symlinks are normal.
That way even when the actual files are updated the symlink will remain the same (but always pointing to the latest files).

8

Try pointing Stunel to the \live\ symlinks:

cert = C:\Certbot\live\mysite\fullchain.pem
key  = C:\Certbot\live\mysite\privkey.pem
9

How automatic renew the certificates?

10

certbot would normally setup a job to check twice a day for expiring certs and renew them.
Did you use HTTP-01 authentication method or DNS-01 authentication method to obtain the cert?

11

DNS-01 authentication method

12

Manually or via API plugin?

13

Let me explain that ,
I have server that running ESXI , and have many VM machine , one of the is for windows and the other is for linux ubuntu to running the Webmin control panel
Now in windows I installed the Adobe connect and for using HTTPS in adobe connect I installed the certbot on my windows and request to get SSL certificate ,
On the other hand in my Webmin I have crated website and it have 1domain record for dns and I add 2 A record to point the windows adobe connect service with IP.
Now I want to schedule the task of renewing license of SSL.

Hope this information was clear .
Now you tell me please how add that schedule task?
Thanks

14

certbot doesn't need to know anything about who/what will be using the cert.
It has only one mission: To maintain your certs usefulness.
To that end, the instructions found at: Certbot - Windows Other (eff.org)
Show:

image
image909×383 32.8 KB

So there may already be a scheduled task to handle the renewals.
Try running the "Task Scheduler" app and looking for an entry for certbot.