Sudo add-apt-repository ppa:certbot/certbot


#1

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is: confowiz.com

I ran this command: sudo add-apt-repository ppa:certbot/certbot

It produced this output: sudo add-apt-repository ppa:certbot/certbot
This is the PPA for packages prepared by Debian Let’s Encrypt Team and backported for Ubuntu(s).
More info: https://launchpad.net/~certbot/+archive/ubuntu/certbot
Press [ENTER] to continue or Ctrl-c to cancel adding it.
gpg: unknown option ‘show-only’
gpg: invalid import options
Got ‘0’ fingerprints, expected only one
Failed to add key.

My web server is (include version): Apache 2.4.29 Ubuntu

The operating system my web server runs on is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Google cloud

I can login to a root shell on my machine (yes or no, or I don’t know): yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):


#2

There may not be anyone here who knows how to debug add-apt-repository or GnuPG issues. You might get better results asking on an Ubuntu forum.

Giving it a try…

What do “dpkg -l gnupg2” and “sudo which gpg gpg2” show?


#3

Also could be worth trying to import the key manually:

gpg --search 8C47BE8E75BCA694

#4

Ah… You’re right.

It should be “dpkg -l gnupg”, not “dpkg -l gnupg2”. Though both could be interesting, if something is wrong.


#5

I used the command wget https://dl.eff.org/certbot-auto and it worked for me.

Further after running command sudo certbot --apache and selecting my domain I got this error

Can you kindly assist why I got this error.


#6

Hi @Amitjasrotia

curious. Checking your domain I see a good http status 404:


Domainname Http-Status redirect Sec. G
http://confowiz.com/
35.196.69.99 301 https://confowiz.com/ 0.220 A
http://www.confowiz.com/
35.196.69.99 301 https://confowiz.com/ 0.220 E
https://confowiz.com/
35.196.69.99 200 7.297 N
Certificate error: RemoteCertificateChainErrors
https://www.confowiz.com/
35.196.69.99 200 6.294 N
Certificate error: RemoteCertificateChainErrors
http://confowiz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.196.69.99 301 https://confowiz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.223 A
http://www.confowiz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
35.196.69.99 301 https://confowiz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 0.223 E
https://confowiz.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 404 5.937 N
Not Found
Certificate error: RemoteCertificateChainErrors

Letsencrypt checks a file under /.well-known/acme-challenge with a random filename. You have redirects (this isn’t a problem), then a good 404 - not found.

Create the two subdirectories in your webroot (/.well-known/acme-challenge) if they don’t exist, there a file (file name 1234 without extension), then try to load this file via

http://confowiz.com/.well-known/acme-challenge/1234

If that works, you have found your correkt webroot. Then use

certbot run -a webroot -i apache -w yourWebroot -d confowiz.com -d www.confowiz.com

#7

Thanks, this was helpful.
Site has SSL now.


#8

That option is added in version 2.2.0 of GnuPG. What version of GnuPG do you have?


closed #9

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.