It finished successfully. Sorry for forgetting your alt. command at first.
We keep getting derailed and side-tracked and are now going in circles.
You don’t seem to have updated
nginx is unable to serve the
/.well-known/acme-challenge/ test files as instructed.
We are literally getting nowhere
fast [and doing it extremely slowly].
Your current choices are (as I see them):
- put another (newer) system in front of this (old) server to proxy the content via a useable web browser and newer
- remove and upgrade the current
certbot(to snaps version)
- update the current system
- upgrade the current system
Probably only #2 is an option, because I don’t have a third computer and BBB only runs on Server 16.04.7 from what I read. Let me see how to upgrade certbot and I’ll be back.
Or swtich to
16.04 is supported by snaps.
- Remove the current
sudo apt remove certbot
- remove any unused…leftovers
sudo apt-get autoremove
- install certbot from snaps
sudo snap install certbot --classic
Ok, got Certbot 1.8 now.
But this change does nothing for
nginx version 1.10.3 - that remains
Hopefully 1.8.0 can work better with it.
[and walk through the choices]
Also, OpenSSL may need to be checked/updated as well.
[you are only as secure as your weakest link]
Certbot finished fine and
sudo apt update says everything’s up to date.
? ? ?
Did you get a cert?
Did it say “Congratulations…”
Yes. Renewed and replaced it. Said Congratulations!
Openssl version: 1.0.2g
You then have to do:
sudo apt upgrade
[update only synchronizes the repositories]
They go hand and hand:
sudo apt update
sudo apt upgrade
Yea, I always do that.
sudo apt upgrade says 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
OpenSSL version 1.0.2 is up to update “w”
That’s 16 updates since “g”
And decide if you are OK with using that version.
Well at least that is GOOD NEWS!
Wouldn’t hurt to use a new version of Openssl.
Now you need to test that it works. https://…
And ensure it renews automatically.
Yea, morocotagold.gq opens fine with https.
Agreed but you may have to download/compile it yourself.
Not sure… maybe they have a snaps installer - LOL
then check it with SSL Labs:
Rated a big, green A