Unauthorized error - Cant validate using dynamic DNS - Namecheap domain

axo · October 21, 2020, 6:48pm

I am trying to get SSL for a home nexctcloud installation with a dynamic IP.
Domain is axoitech.com and using namecheap's dynamic dns pointing to the IP.
Port 80 is working fine, but look at the terminal errors on the screenshots below.
I tried flushing DNS cache on the router, www, without www, i added the domain to the trusted list in the nextcloud configuration... not sure if i am missing something or is a problem with the way namecheap is redirecting the domain?
Thanks for any help
(i dont see an option to add images here.. ?)
Screenshots:

JuergenAuer · October 21, 2020, 7:03pm

Hi @axo

your name server setup is ok, an A-record with your ip address.

But your screenshot shows the problem.

/.well-known/acme-challenge/random-filename is redirected to the login-page /index.php/login.

So Letsencrypt can't validate your domain.

Change that.

Read the part about http validation:

axo · October 21, 2020, 7:45pm

Ok i understand the problem.. with that redirection it wont be able to validate.
Now when you said

Change that

That's the part i am clueless how to do lol.
I am using the default configuration for nextcloud on a fresh install.. I was able to certify a different instance the same way on google servers, so in this case, my tech skills on Linux don't go this far.
Any tips or a guide to change this redirection will be much appreciated.
Thank you Juergen

rg305 · October 21, 2020, 9:11pm

Hi and welcome to the community forum!

The problems I see are:

Apache is not redirecting HTTP to HTTPS
So this link will never be secure (on it's own): http://axoitech.com/index.php/login
The cert in use is self-signed by "localhost".
That needs to be replaced ASAP - even before fixing issue #1.

So, have you installed an ACME client to get the cert you need?

[&2* readers: Get involved; Be heard. It starts with: if you read something you like, then like it ]

JuergenAuer · October 23, 2020, 1:21pm

I don't know.

You have somewhere that redirect. Find it and change the rules, so /.well-known/ isn't redirected.

There are a lot of online samples how to do that. Most of the Redirect / Rewrite documentations have samples. So use one of your system.

system · November 22, 2020, 1:21pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.