Boa tarde , tudo bem ? tentando subir o SSL no netbox apache 2 e esta dando seguinte erro
mar 28 12:32:00 netbox apachectl[104418]: [Tue Mar 28 12:32:00.152097 2023] [core:error] [pid 104418:tid 140430338116928] (EAI 2)Name or service not known: AH00547: Co>
mar 28 12:32:00 netbox apachectl[104418]: AH00526: Syntax error on line 8 of /etc/apache2/sites-enabled/netbox.conf:
mar 28 12:32:00 netbox apachectl[104418]: SSLCertificateKeyFile: file '/etc/ssl/private/server.insecure.key' does not exist or is empty
mar 28 12:32:00 netbox apachectl[104415]: Action 'start' failed.
como verifico se ssl existe
Please show:
ls -l /etc/ssl/private/server.insecure.key
And how was that file created?
3 Likes
ele mostra esse erro na abrir a pasta ls: não foi possível acessar '/etc/ssl/private/server.insecure.key': Arquivo ou diretório inexistente
consegui subir , so uma ajuda quando eu coloco https ele vai agora nao coloco so dominio netbox.conectiva.srv.br ele abre a pagina Debian , poderia me ajudar
Failed to renew certificate netbox.conectiva.srv.br with error: Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80.
All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/netbox.conectiva.srv.br/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
Ask for help or search for solutions at https://community.letsencrypt.org. See the logfile /var/log/letsencrypt/letsencrypt.log or re-run Certbot with -v for more details.
deu isso agora
Please show file:
/etc/letsencrypt/renewal/netbox.conectiva.srv.br.conf
3 Likes
# renew_before_expiry = 30 days
version = 2.4.0
archive_dir = /etc/letsencrypt/archive/netbox.conectiva.srv.br
cert = /etc/letsencrypt/live/netbox.conectiva.srv.br/cert.pem
privkey = /etc/letsencrypt/live/netbox.conectiva.srv.br/privkey.pem
chain = /etc/letsencrypt/live/netbox.conectiva.srv.br/chain.pem
fullchain = /etc/letsencrypt/live/netbox.conectiva.srv.br/fullchain.pem
# Options used in the renewal process
[renewalparams]
account = 1809aa6c72913f9a83cdae6c1dcbb6a9
authenticator = apache
installer = apache
server = https://acme-v02.api.letsencrypt.org/directory
key_type = ecdsa
apareceu isso
An apache vhost is expected.
What happened to apache?
Please show:
sudo apachectl -t -D DUMP_VHOSTS
3 Likes
sudo apachectl -t -D DUMP_VHOSTS
[Tue Mar 28 15:03:22.457317 2023] [core:error] [pid 110178:tid 140419892751680] (EAI 2)Name or service not known: AH00547: Could not resolve host name ssl -- ignoring!
VirtualHost configuration:
*:443 is a NameVirtualHost
default server netbox.0.62.107.conectivafibra.net.br (/etc/apache2/sites-enabled/000-default.conf:1)
port 443 namevhost netbox.0.62.107.conectivafibra.net.br (/etc/apache2/sites-enabled/000-default.conf:1)
port 443 namevhost 131.0.62.107 (/etc/apache2/sites-enabled/netbox.conf:1)
alias netbox.conectiva.srv.br
Failed to renew certificate netbox.conectiva.srv.br with error: Some challenges have failed.
All simulated renewals failed. The following certificates could not be renewed:
/etc/letsencrypt/live/netbox.conectiva.srv.br/fullchain.pem (failure)
1 renew failure(s), 0 parse failure(s)
agora deu isso
The apache configuration is badly damaged.
Do you have a backup?
3 Likes
teria que tirar e subir backup
consegui voltar aqui certificado, mais mesmo assim como forço o http pra ir pro https
Oi @Wallace,
No geral o Certbot poderá fazê-lo com certbot --apache.
Se não o fez, é possível colocar algo como
RewriteEngine on
RewriteCond %{SERVER_NAME} =example.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
no seu virtualhost HTTP (não seu virtualhost HTTPS!), substituindo example.com pelo seu nome de domínio.
2 Likes
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.