Synology DSM 5 - Renew Certificate failed

Let's have a look at this file - not sure if that is where the secure site operates at.

That section seems to be missing a lot.
Plus I don't see where it ends...
Try using 3 back ticks before and after your added text.
Like:
```
your text
```

I have edited my posts to insert 3 back ticks. I hope it is helpful.

I fail to find this location anywhere in your post:

I do see that is the cert path, no need to show the file.

Found it:

I guess you could put a test file in that location and see if it is accessible from the Internet.
```
echo "test" >> /var/lib/letsencrypt/.well-known/acme-challenge/test-file
```
http://your.domain/.well-known/acme-challenge/test-file

I tested a file; on the local network I can access it without problem.
From the internet I get a timeout; my NAS is very slow. So I rebooted it, but afterwards from the internet I still always get a timeout.

Which internal IP does your router port forward ports 80 and 443 to?
Is that the same IP as the NAS?
[be sure your ISP is not blocking port 80]

I get this for port 80 from outside:

```
curl -Iki http://home.rolland.net/
curl: (7) Failed to connect to home.rolland.net port 80: No route to host
```

and these for port 443:

```
curl -Iki https://home.rolland.net/
curl: (7) Failed to connect to home.rolland.net port 443: Connection refused

curl -Iki https://home.rolland.net/
HTTP/1.1 403 Forbidden
Date: Thu, 04 Jun 2020 08:17:01 GMT
Server: Apache
Last-Modified: Tue, 26 Apr 2016 09:33:13 GMT
ETag: "1e5-5315ffb666840"
Accept-Ranges: bytes
Content-Length: 485
Vary: Accept-Encoding
Content-Type: text/html
```

I checked the NAT configuration; internet port 80 was translated to a wrong IP on my local network.
I changed the config and ran the certificate renewal again.

Now HTTP access changed but is still unable to find the test file:

```
curl -Iki http://home.rolland.net/.well-known/acme-challenge/test-file
HTTP/1.1 404 Not Found
Date: Thu, 04 Jun 2020 08:24:07 GMT
Server: Apache
Last-Modified: Tue, 26 Apr 2016 09:33:13 GMT
ETag: "1e5-5315ffb666840"
Accept-Ranges: bytes
Content-Length: 485
Vary: Accept-Encoding
Content-Type: text/html
```

The file name is: testMR.html

Don’t end it with .html
That doesn’t match the file type that will be used.

OK, the acme.sh script is in progress and I successfully passed the check.

Then the problem has been fixed.
You’re welcome.

Yes:

```
[Thr Jun  4 10:25:13 CEST 2020] Cert success.
[Thr Jun  4 10:25:13 CEST 2020] Your cert is in  /volume1/homes/admin/acme/home.rolland.net/home.rolland.net.cer
[Thr Jun  4 10:25:13 CEST 2020] Your cert key is in  /volume1/homes/admin/acme/home.rolland.net/home.rolland.net.key
[Thr Jun  4 10:25:13 CEST 2020] APP
[Thr Jun  4 10:25:13 CEST 2020] Your cert is in  /volume1/homes/admin/acme/home.rolland.net/home.rolland.net.cer
[Thr Jun  4 10:25:13 CEST 2020] Your cert key is in  /volume1/homes/admin/acme/home.rolland.net/home.rolland.net.key
[Thr Jun  4 10:26:04 CEST 2020] Run reload cmd: /usr/syno/sbin/synoservicecfg --reload httpd-sys
[Thr Jun  4 10:26:07 CEST 2020] Reload success
```

To summarize:

  • My server wasn’t serving HTTP requests on port 80 => I launched the web server on port 80
  • The NAT on my Freebox had no port translation for port 80 => I added it in the Freebox admin console
  • I upgraded acme.sh with the command: ./acme.sh --upgrade
  • I copied my domain directory to the new acme directory: cp -p -R home.rolland.net/ /volume1/homes/admin/acme
  • I renewed my certificate with this command: ./acme.sh --renew -d home.rolland.net

Thank you very much for your time and attention

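The manual test-file check used in this thread, automated as an added example that is not part of any post above: it writes a random extension-less token under the webroot, fetches it over HTTP and maps the result to the causes seen here (port 80 unreachable, 404 from a mismatched webroot, other HTTP errors). The names `preflight` and `serve_local` and the localhost stand-in server are assumptions made for this example.

```python
import http.server, os, secrets, tempfile, threading
import urllib.error, urllib.request
from functools import partial

CHALLENGE_DIR = ".well-known/acme-challenge"

def preflight(webroot, base_url, timeout=5):
    """Write a random token under webroot, fetch it via base_url, classify the result."""
    token = secrets.token_urlsafe(16)   # no ".html": challenge files have no extension
    path = os.path.join(webroot, CHALLENGE_DIR, token)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as f:
        f.write(token)
    try:
        url = f"{base_url}/{CHALLENGE_DIR}/{token}"
        with urllib.request.urlopen(url, timeout=timeout) as r:
            body = r.read().decode(errors="replace").strip()
        return "ok" if body == token else "wrong-content: another server or vhost answered"
    except urllib.error.HTTPError as e:  # must precede OSError (HTTPError is a subclass)
        if e.code == 404:
            return "404: web server reached, but it does not serve this webroot"
        return f"http-{e.code}: web server reached, challenge path denied or failing"
    except OSError as e:                 # refused, no route to host, timeout, DNS failure
        return f"unreachable: check port 80 forwarding, listener and ISP filtering ({e})"
    finally:
        os.remove(path)                  # never leave probe files in the webroot

def serve_local(directory):
    """Constructed stand-in for the NAS web server: serve directory on a free localhost port."""
    handler = partial(http.server.SimpleHTTPRequestHandler, directory=directory)
    srv = http.server.ThreadingHTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv, f"http://127.0.0.1:{srv.server_address[1]}"

if __name__ == "__main__":
    good, other = tempfile.mkdtemp(), tempfile.mkdtemp()
    srv, url = serve_local(good)
    print(preflight(good, url))    # webroot matches what the server serves
    print(preflight(other, url))   # token written where the server does not look
    srv.shutdown(); srv.server_close()
    print(preflight(good, url))    # nothing listening on the port any more
```

For a real check, pass the webroot that acme.sh writes to and `http://your.domain` as `base_url`. A fetch made from inside the LAN can succeed while the same URL times out from the internet, so the result only reflects what the CA sees if the request actually travels through the public address.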
