OC FreeBSD 12
When installing from ports, a conflict occurs.
===> Installing for py36-requests-toolbelt-0.8.0
===> Checking if py36-requests-toolbelt is already installed
===> Registering installation for py36-requests-toolbelt-0.8.0 as automatic
Installing py36-requests-toolbelt-0.8.0…
pkg-static: py36-requests-toolbelt-0.8.0 conflicts with py27-requests-toolbelt-0.8.0 (installs files into the same place). Problematic file: /usr/local/share/doc/requests-toolbelt/_sources/adapters.rst.txt
*** Error code 70
Stop.
make[3]: stopped in /usr/ports/www/py-requests-toolbelt
*** Error code 1
Stop.
make[2]: stopped in /usr/ports/www/py-requests-toolbelt
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/security/py-acme
*** Error code 1
Stop.
make: stopped in /usr/ports/security/py-certbot
Do you have a way to contact the FreeBSD Python port maintainers? It looks like the person responsible for these packages in FreeBSD ports is wg@freebsd.org.
_# certbot certonly --webroot -w /data/mydomen.ru/www -d “mydomen.ru” -d “*.mydomen.ru”
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.
How to be here? It used to work.
I generated a certificate for the domain d.mydomen.ru
Web server - apache24-2.4.41
Let’s Encrypt requires the use of the DNS challenge for wildcard certificates like “*.mydomen.ru”. The --webroot method doesn’t support the DNS challenge.
So, you can get your wildcard certificate by using --manual instead of --webroot. In this case, you can’t renew the certificate automatically with certbot renew (and also you don’t need the -w). Or, you can issue your certificate for each subdomain, without the wildcard; in that case, --webroot will work.
The best case for wildcards is to use a DNS host that offers an API for automated updates. This can be made to work with automated renewals. But without a way to create new DNS records automatically from software, you won’t be able to perform non-interactive renewals of wildcard certificates.