The problem with the installation

exec · October 31, 2019, 10:40am

OC FreeBSD 12
When installing from ports, a conflict occurs.

===> Installing for py36-requests-toolbelt-0.8.0
===> Checking if py36-requests-toolbelt is already installed
===> Registering installation for py36-requests-toolbelt-0.8.0 as automatic
Installing py36-requests-toolbelt-0.8.0…
pkg-static: py36-requests-toolbelt-0.8.0 conflicts with py27-requests-toolbelt-0.8.0 (installs files into the same place). Problematic file: /usr/local/share/doc/requests-toolbelt/_sources/adapters.rst.txt
*** Error code 70

Stop.
make[3]: stopped in /usr/ports/www/py-requests-toolbelt
*** Error code 1

Stop.
make[2]: stopped in /usr/ports/www/py-requests-toolbelt
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/security/py-acme
*** Error code 1

Stop.
make: stopped in /usr/ports/security/py-certbot

What to do?

schoen · October 31, 2019, 6:28pm

Hi @exec,

Do you have a way to contact the FreeBSD Python port maintainers? It looks like the person responsible for these packages in FreeBSD ports is wg@freebsd.org.

exec · November 1, 2019, 8:19am

I am installed ports /usr/ports/security/py-certbot. All goods. But does not start.

=# cd /usr/local/bin

=# certbot certonly --webroot -w /data/mydomen.ru/www -d mydomen.ru -d *.mydomen.ru
certbot: Нет соответствий.

=# ./certbot certonly --webroot -w /data/mydomen.ru/www -d mydomen.ru -d *.mydomen.ru
./certbot: Нет соответствий.

=# /usr/local/bin/certbot certonly --webroot -w /data/mydomen.ru/www -d mydomen -d *.mydomen.ru
/usr/local/bin/certbot: Нет соответствий.

=# ls -l | grep certb
lrwxr-xr-x 1 root wheel 11 1 nov. 11:01 certbot -> certbot-3.6
-rwxr-xr-x 1 root wheel 393 1 nov. 11:01 certbot-3.6

“Нет соответствий.” Translation-> “There are no matches.”

Why?

schoen · November 1, 2019, 4:53pm

I haven’t used FreeBSD in a while, but I wonder if your shell is complaining about the lack of quotes around the wildcard *.mydomen.ru.

exec · November 5, 2019, 6:15am

Oh. Yes! Thank! " - It helped.

_# certbot certonly --webroot -w /data/mydomen.ru/www -d “mydomen.ru” -d “*.mydomen.ru”
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator webroot, Installer None
Obtaining a new certificate
Performing the following challenges:
Client with the currently selected authenticator does not support any combination of challenges that will satisfy the CA. You may need to use an authenticator plugin that can do challenges over DNS.

How to be here? It used to work.

I generated a certificate for the domain d.mydomen.ru
Web server - apache24-2.4.41

Sorry. I don’t understand what is required of me.

Or for each subdomain do you need to generate?
sub1.mydomen.ru
sub2.mydomen.ru
sub3.mydomen.ru
sub4.mydomen.ru

schoen · November 6, 2019, 6:16pm

Let’s Encrypt requires the use of the DNS challenge for wildcard certificates like “*.mydomen.ru”. The --webroot method doesn’t support the DNS challenge.

So, you can get your wildcard certificate by using --manual instead of --webroot. In this case, you can’t renew the certificate automatically with certbot renew (and also you don’t need the -w). Or, you can issue your certificate for each subdomain, without the wildcard; in that case, --webroot will work.

The best case for wildcards is to use a DNS host that offers an API for automated updates. This can be made to work with automated renewals. But without a way to create new DNS records automatically from software, you won’t be able to perform non-interactive renewals of wildcard certificates.

system · December 6, 2019, 6:16pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.